Bug#925411: kernel-package: Not suitable for release
Hi Ben, On Sun, Mar 24, 2019 at 11:23:58PM +, Ben Hutchings wrote: > Control: severity -1 serious > > On Sun, 2019-03-24 at 16:19 -0600, Nicholas D Steeves wrote: > > Control: severity -1 important > > Justification: essential package that works flawlessly for me > > This was agreed with the maintainer, so you should not override it. > > The discussion is here: > https://lore.kernel.org/lkml/1551888035-13329-1-git-send-email-yamada.masah...@socionext.com/ > but unfortunately Manoj's message didn't get archived there for some > reason. > Maybe I'm missing something, but I couldn't find sufficient justification there... That said, I did more tests, because an RC bug that cuts such a useful package from a release really ought to have justification. I can now confirm that at least one dkms module (tp-smapi-dkms) doesn't build with make-kpkg-generated kernel packages on buster. Maybe all dkms modules are affected? Maybe Manoj' message said something to that affect, and how make-kpkg produces packages that are defective in this way...and maybe other ways? > [...] > > The new style kernel packaging is hard to learn how to use, and builds > > take much longer for some reason (generation of more packages?). > [...] > > It sounds like you're looking at the linux source package. I would > certainly not suggest using that for local custom packages; it's meant > for distributions. > > The simple alternative is already included in the kernel tree itself: > > make bindeb-pkg > Ah, yes, thank you! :-) Regarding documentation, should Debian-specific bits go on our wiki or be forwarded upstream? eg: the top line of BuildADebianKernelPackage says "this is an obsolete now guide", but then at the bottom it says "make -j`nproc` bindeb-pkg". I specifically missed that because first line conveys the message "stop reading this doc now, it's an obsolete waste of time". > It does generate some extra packages (linux-headers and linux-libc-dev) > but that doesn't take very long. The generated packages don't support > /etc/kernel-img.conf but they do support hooks in /etc/kernel. > Should users who track a 4.19.x-based branch use buster's linux-libc-dev headers, or install the ones that correspond to their custom kernel? > > 13.018+nmu1 on buster works like it always has for me--flawlessly. I > > built upstream vanilla 4.19.31 two days ago. > > Bug #890817 also looks like it may be a big problem for current kernel > versions, but apparently you have avoided it. > For once, yes :-) Generally I'm unlucky and hit all the bugs haha. Thanks again for taking the time to reply, I appreciate it! Also, thank you for your hard work, and for all time spent on the BTS. Cheers, Nicholas signature.asc Description: PGP signature
Bug#914034: Bug#911938: libhttp-daemon-ssl-perl FTBFS: tests fail: Connection refused
On Sun, 07 Apr 2019 at 20:56:41 +0200, gregor herrmann wrote: > Alright, after purging libssl1.0.2 (and the outdated packages which > depended on it *cough*) I get the hang as well: > […] > Thanks for the push in the right direction! You're welcome :-) Does clearing the SSL_MODE_AUTO_RETRY context flag (i.e., reverting the default from OpenSSL <1.1.1) solves this for you too? If so, what do you think about my proposed paths forwards from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034#71 If there is consensus that libssl's SSL_CTRL_CLEAR_MODE and/or SSL_CTX_clear_mode should be exposed to Net::SSLeay I'd be happy to propose a patch there. That leaves the question about which defaults context flags should IO::Socket::SSL (or LWP) have, though. -- Guilhem. signature.asc Description: PGP signature
Bug#926603: Debian fails to start after installation into Virtualbox
Control: tags -1 moreinfo Am 07.04.19 um 18:51 schrieb Andy Ruddock: > Package: systemd > Severity: critical > > I'm running Windows 10 (Home edition - up to date) on the desktop, with > Virtualbox (v6.0.4). > I've used both the netinst CD & the testing DVD (downloaded today - > 07/Apr/2019) to install Buster. > After installation the system fails to start with many errors. > The first is : > > systemd[1]: user.slice: Failed to set inovcation ID for unit: File > exists > [FAILED]: Failed to start User and Session Slice. > > other services then fail to start : > > [FAILED] Failed to start Slices. > [FAILED] Failed to listen on udev Kernel Socket. > [FAILED] Failed to start Remote File Systems. > [FAILED] Failed to listen on Syslog Socket. > > and many more, followed by > > systemd[1]: Timed out waiting for device /dev/disk/by-uuid/2cb > > finally > > [FAILED] Failed to start Network. > > At which point there is no more, the system just halts. > > Starting with "quiet" removed from linux invocation in grub, I see > > systemd[1]: systemd 241 running in system mode. (+PAM +AUDIT +SELINUX > +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS > +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 > default-hierarchy=hybrid) > systemd[1]: Detected virtualization oracle. > systemd[1]: Detected architecture x86-64. > > Welcome to Debian GNU/Linux buser/sid! Please follow the instructions at https://freedesktop.org/wiki/Software/systemd/Debugging/ and get us a verbose debug log from the complete boot. Please also attach the output of "reportbug --template systemd" on the affected system. -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Processed: Re: Debian fails to start after installation into Virtualbox
Processing control commands: > tags -1 moreinfo Bug #926603 [systemd] Debian fails to start after installation into Virtualbox Added tag(s) moreinfo. -- 926603: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926603 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Bug #834089 in socklog marked as pending
Processing control commands: > tag -1 pending Bug #834089 [socklog-run] runit: breaks users of runit: ln: failed to create symbolic link '/etc/service/bcron-sched': No such file or directory Ignoring request to alter tags of bug #834089 to the same tags previously set -- 834089: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834089 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#857208: Bug #857208 in socklog marked as pending
Control: tag -1 pending Hello, Bug #857208 in socklog reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/debian/socklog/commit/72a4ab237ec4170c3563a40b1ec88ca0308cb3fd Convert the package to debhelper (Closes: #857208) Convert and modernise the original package. Quite a few things moved in the past 11 years. Comply with Debian standards version 4.3.0. (this message was generated automatically) -- Greetings https://bugs.debian.org/857208
Bug#834089: Bug #834089 in socklog marked as pending
Control: tag -1 pending Hello, Bug #834089 in socklog reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/debian/socklog/commit/abe8840e59748eb8f0f4b5ec00061b59486ebe95 socklog-run: migrate to dh-runit (Closes: #668718, #834089) (this message was generated automatically) -- Greetings https://bugs.debian.org/834089
Processed: Bug #857208 in socklog marked as pending
Processing control commands: > tag -1 pending Bug #857208 [src:socklog] socklog: building with -A doesn't put the changelog in usr/share/doc/socklog-run/changelog.Debian.gz Ignoring request to alter tags of bug #857208 to the same tags previously set -- 857208: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857208 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#925909: [Help] Re: pbgenomicconsensus: autopkgtest regression
On Sun, Apr 07, 2019 at 02:08:54PM +0200, Liubov Chuprikova wrote: > I have just added python-pytest and one more missing library. Now the tests > should pass. Finally it passes now. Thanks a lot, Andreas. -- http://fam-tille.de
Bug#926613: openssh-server: Locked out of server after upgrading to buster.
Package: openssh-server Severity: serious Justification: Policy 8.2 Dear Maintainer, Due to a change in how some options are handled in sshd_config, upgrading to buster can result in the user getting locked out of their system if the config is not updated. Probably the most likely cause (and what occurred to me) is if the PubkeyAcceptedKeyTypes includes ssh-rsa and the admin logs in with an RSA key. After upgrading, the user will no longer be able to connect to the server. The solution for this case is to replace ssh-rsa with rsa-sha2-256,rsa-sha2-512. At the very least this needs to be mentioned in the upgrade instructions in the release notes for buster. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.15.0-47-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=C.UTF-8 (charmap=locale: Cannot set LC_MESSAGES to default locale: No such file or directory locale: Cannot set LC_ALL to default locale: No such file or directory UTF-8), LANGUAGE=en_GB:en (charmap=locale: Cannot set LC_MESSAGES to default locale: No such file or directory locale: Cannot set LC_ALL to default locale: No such file or directory UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openssh-server depends on: ii adduser3.118 ii debconf [debconf-2.0] 1.5.71 ii dpkg 1.19.6 ii libaudit1 1:2.8.4-2 ii libc6 2.28-8 ii libcom-err21.44.5-1 ii libgssapi-krb5-2 1.17-2 ii libkrb5-3 1.17-2 ii libpam-modules 1.3.1-5 ii libpam-runtime 1.3.1-5 ii libpam0g 1.3.1-5 ii libselinux12.8-1+b1 ii libssl1.1 1.1.1b-1 ii libsystemd0241-1 pn libwrap0 ii lsb-base 10.2019031300 ii openssh-client 1:7.9p1-9 pn openssh-sftp-server pn procps pn ucf ii zlib1g 1:1.2.11.dfsg-1 Versions of packages openssh-server recommends: ii libpam-systemd 241-1 pn ncurses-term ii xauth 1:1.0.10-1 Versions of packages openssh-server suggests: pn molly-guard pn monkeysphere pn rssh pn ssh-askpass pn ufw
Bug#900912: Enabling jaw (Java-atk-wrapper) by default ? (Bug#900912)
Vincent Privat, le dim. 07 avril 2019 21:55:33 +0200, a ecrit: > Disabling it only through accessibility.properties means we have no control > over it from JOSM. So when the next bug appears, we'll have to tell all of our > impacted Ubuntu users to modify the file. We are here only talking about Buster, not Ubuntu. > It's cumbersome for us, and for them. > I would prefer a runtime flag we can set in josm launcher. I don't want to > experience major issues like [1]https://josm.openstreetmap.de/ticket/12022 > and > [2]https://josm.openstreetmap.de/ticket/1 again. AFAIK, these have been fixed, so won't appear again. Exposing jaw largely *before* deciding to enable it for Buster is precisely what could be a better option. Limited-scope testing wouldn't expose the bugs seen in JOSM. Samuel
Bug#923715: marked as done (ceph-osd: missing systemd service in package: ceph-volume@.service)
Your message dated Sun, 07 Apr 2019 19:05:09 + with message-id and subject line Bug#924061: fixed in ceph 12.2.11+dfsg1-2.1 has caused the Debian Bug report #924061, regarding ceph-osd: missing systemd service in package: ceph-volume@.service to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 924061: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924061 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: ceph-osd Version: 12.2.11+dfsg1-2 Severity: normal Dear Maintainer, * What led up to the situation? I was learning how to set up a ceph cluster. I got this error when setting up an osd: root@mnemos-000:~# ceph-volume lvm create --data /dev/sda4 Running command: /usr/bin/ceph-authtool --gen-print-key Running command: /usr/bin/ceph --cluster ceph --name client.bootstrap-osd --keyring /var/lib/ceph/bootstrap-osd/ceph.keyring -i - osd new f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 Running command: vgcreate --force --yes ceph-f1faaddc-1461-46cb-b4a0-5eb7686e10da /dev/sda4 stdout: Physical volume "/dev/sda4" successfully created. stdout: Volume group "ceph-f1faaddc-1461-46cb-b4a0-5eb7686e10da" successfully created Running command: lvcreate --yes -l 100%FREE -n osd-block-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 ceph-f1faaddc-1461-46cb-b4a0-5eb7686e10da stdout: Logical volume "osd-block-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668" created. Running command: /usr/bin/ceph-authtool --gen-print-key Running command: mount -t tmpfs tmpfs /var/lib/ceph/osd/ceph-0 --> Absolute path not found for executable: restorecon --> Ensure $PATH environment variable contains common executable locations Running command: chown -h ceph:ceph /dev/ceph-f1faaddc-1461-46cb-b4a0-5eb7686e10da/osd-block-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 Running command: chown -R ceph:ceph /dev/dm-0 Running command: ln -s /dev/ceph-f1faaddc-1461-46cb-b4a0-5eb7686e10da/osd-block-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 /var/lib/ceph/osd/ceph-0/block Running command: ceph --cluster ceph --name client.bootstrap-osd --keyring /var/lib/ceph/bootstrap-osd/ceph.keyring mon getmap -o /var/lib/ceph/osd/ceph-0/activate.monmap stderr: got monmap epoch 1 Running command: ceph-authtool /var/lib/ceph/osd/ceph-0/keyring --create-keyring --name osd.0 --add-key AQBFHnlcTgfKNBAAYZJWbQKfEZMqslPZ6RLaAg== stdout: creating /var/lib/ceph/osd/ceph-0/keyring added entity osd.0 auth auth(auid = 18446744073709551615 key=AQBFHnlcTgfKNBAAYZJWbQKfEZMqslPZ6RLaAg== with 0 caps) Running command: chown -R ceph:ceph /var/lib/ceph/osd/ceph-0/keyring Running command: chown -R ceph:ceph /var/lib/ceph/osd/ceph-0/ Running command: /usr/bin/ceph-osd --cluster ceph --osd-objectstore bluestore --mkfs -i 0 --monmap /var/lib/ceph/osd/ceph-0/activate.monmap --keyfile - --osd-data /var/lib/ceph/osd/ceph-0/ --osd-uuid f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 --setuser ceph --setgroup ceph --> ceph-volume lvm prepare successful for: /dev/sda4 Running command: chown -R ceph:ceph /var/lib/ceph/osd/ceph-0 Running command: ceph-bluestore-tool --cluster=ceph prime-osd-dir --dev /dev/ceph-f1faaddc-1461-46cb-b4a0-5eb7686e10da/osd-block-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 --path /var/lib/ceph/osd/ceph-0 Running command: ln -snf /dev/ceph-f1faaddc-1461-46cb-b4a0-5eb7686e10da/osd-block-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 /var/lib/ceph/osd/ceph-0/block Running command: chown -h ceph:ceph /var/lib/ceph/osd/ceph-0/block Running command: chown -R ceph:ceph /dev/dm-0 Running command: chown -R ceph:ceph /var/lib/ceph/osd/ceph-0 Running command: systemctl enable ceph-volume@lvm-0-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668 stderr: Failed to enable unit: Unit file ceph-volume@lvm-0-f28b9512-b4b7-4fd4-a9c6-6b811f3e2668.service does not exist. --> Was unable to complete a new OSD, will rollback changes --> OSD will be fully purged from the cluster, because the ID was generated Running command: ceph osd purge osd.0 --yes-i-really-mean-it stderr: purged osd.0 --> RuntimeError: command returned non-zero exit status: 1 It appears that the /lib/systemd/system/ceph-volume@.service file is actually missing. If I'm not mistaken, it should be shipped in ceph-osd package. Best Regards. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ceph-osd depends on: ii ceph-base
Bug#924061: marked as done (ceph-osd: ceph-volume@.service missing)
Your message dated Sun, 07 Apr 2019 19:05:09 + with message-id and subject line Bug#924061: fixed in ceph 12.2.11+dfsg1-2.1 has caused the Debian Bug report #924061, regarding ceph-osd: ceph-volume@.service missing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 924061: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924061 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: ceph-osd Version: 12.2.11+dfsg1-2 Severity: grave Hi, unfortunately the ceph-volume@.service systemd template is missing, which basically breaks the activation of OSDs. Sounds like http://tracker.ceph.com/issues/21011 As this basically breaks the usage of bluestore volumes, I think grave is the appropriate severity, especially as - looking at the ceph bug tracker - this might have been working before. Thanks for fixing, Bernd -- Bernd ZeimetzDebian GNU/Linux Developer http://bzed.dehttp://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F --- End Message --- --- Begin Message --- Source: ceph Source-Version: 12.2.11+dfsg1-2.1 We believe that the bug you reported is fixed in the latest version of ceph, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 924...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bernd Zeimetz (supplier of updated ceph package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 05 Apr 2019 15:12:52 +0200 Source: ceph Architecture: source Version: 12.2.11+dfsg1-2.1 Distribution: unstable Urgency: medium Maintainer: Ceph Maintainers Changed-By: Bernd Zeimetz Closes: 924061 Changes: ceph (12.2.11+dfsg1-2.1) unstable; urgency=medium . * Non-maintainer upload. * [3194010] Install ceph-volume@.service into ceph-osd. (Closes: #924061) Checksums-Sha1: 1e09aea536652b2c2ab6bf8bbdef83dc7f4af983 5453 ceph_12.2.11+dfsg1-2.1.dsc 1054a695230dd54add0bfafbe6691e462cc6cef4 386832 ceph_12.2.11+dfsg1-2.1.debian.tar.xz 3f16402b57c5ab095c0bb0f6d43c7bd909efecaf 20380 ceph_12.2.11+dfsg1-2.1_source.buildinfo Checksums-Sha256: 9ac7dc57a5b0945d8c3e44f84c66adbc68b8633895c8cb0549f47befbb261ebb 5453 ceph_12.2.11+dfsg1-2.1.dsc 2838d74532318eae444586c16cb0c26ab69691200bd0d9eb3c0873ddc5238110 386832 ceph_12.2.11+dfsg1-2.1.debian.tar.xz 0a63eb7393758f3637de5a862f858f6976e9836dd97583b38e29e7bd4e4421cb 20380 ceph_12.2.11+dfsg1-2.1_source.buildinfo Files: 5dd89d4dec60272d963eb55882b9866a 5453 admin optional ceph_12.2.11+dfsg1-2.1.dsc 48f6bbfb404a2b305c3d03b2da6d9b72 386832 admin optional ceph_12.2.11+dfsg1-2.1.debian.tar.xz 4ffbf56f80dc477445ec200878225c7c 20380 admin optional ceph_12.2.11+dfsg1-2.1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEE7KHj8o4RJDLUhd2V6zYXGm/5Q18FAlynnoEACgkQ6zYXGm/5 Q19oCw/8CQpatIiJqpWL7sVLGSmvU9pJ4q0vkGQOBwvpe1BbsWbyT42ZlJzHOCkv N4BtQG0dpfXGVwa3HLkIDWZ3P5uQfHlvZyqUM/wTb5mEHRb8Nq/OQTufxJPo7UfC EsbebW6XG/wf6ubkx01oeXz4V4h5N8PqozdNTWkm09QZ1GrmkRZEmuYzuxGWTrHV dk71u4yvQopOLzr0arsVgubU9e7bqwiIaqBtMcX40l7rckfsO52s0c66IvyN0I3n z7LUGd+p0/XjUwpe2YknhIQCX85BjxglwyuD++dsYIFsrL/mpgOHW4cQdFx4uoao nEawlfCmAHKMdJtPKro0wrK6l4fxSDTh219qYcOPrDB/uJVZes94FSxkne5zYu5m nIuYCEfCc6bTEmDSS3IGnuAkn5HL5v5x0PaAfVCltlpxdEuPAZvspoWcfb/wLTVA OTngNNVXLJSVf3G5OVZxeAqfhKr7k5uJ6gQhW1mtW8skd+JM/hQg3uauXp8hmCEf S1RY/VVcCZEOpGa3WbTIN97OtikJJDwfGtrLx4lZG05B29KCYHCIQoHtbSy3XeXu hcE9LTigDqpjA5flmORies+ieAFoP6MmkzqF+r4SFSC+ZNp73yT4sXzcXww64yML Fu+8eH54DBSar75v+TkrPhy/glGyIkwd/qr1+rzIzReHG89JKxY= =6fgP -END PGP SIGNATURE End Message ---
Bug#914034: Bug#911938: libhttp-daemon-ssl-perl FTBFS: tests fail: Connection refused
On Sun, 07 Apr 2019 18:39:44 +0200, Guilhem Moulin wrote: > > I can't reproduce this problem: > Interesting, are you talking TLS 1.3? Good question :) > $ dpkg-query -l "libssl*" "libnet-ssleay-perl" "liblwp-protocol-https-perl" > "libio-socket-ssl-perl" > Desired=Unknown/Install/Remove/Purge/Hold > | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend > |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) > ||/ Name Version Architecture Description > +++-==---= > ii libio-socket-ssl-perl 2.060-3 all Perl module > implementing object oriented interface to SSL sockets > ii liblwp-protocol-https-perl 6.07-2 all HTTPS driver for > LWP::UserAgent > ii libnet-ssleay-perl 1.85-2+b1amd64Perl module for > Secure Sockets Layer (SSL) > ii libssl-dev:amd64 1.1.1b-1 amd64Secure Sockets Layer > toolkit - development files > un libssl-doc (no description > available) > un libssl0.9.8 (no description > available) > un libssl1.0-dev(no description > available) > ii libssl1.1:amd641.1.1b-1 amd64Secure Sockets Layer > toolkit - shared libraries % dpkg -l "libssl*" "libnet-ssleay-perl" "liblwp-protocol-https-perl" "libio-socket-ssl-perl" Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-==-===--= ii libio-socket-ssl-perl 2.060-3 all Perl module implementing object oriented interface to SSL sockets ii liblwp-protocol-https-perl 6.07-2 all HTTPS driver for LWP::UserAgent ii libnet-ssleay-perl 1.85-2+b1 amd64Perl module for Secure Sockets Layer (SSL) un libssl0.9.8 (no description available) un libssl1.0.0 (no description available) ii libssl1.0.2:amd64 1.0.2r-1~deb9u1 amd64Secure Sockets Layer toolkit - shared libraries ii libssl1.1:amd641.1.1b-1amd64Secure Sockets Layer toolkit - shared libraries ii libssl1.1:i386 1.1.1b-1i386 Secure Sockets Layer toolkit - shared libraries Hm I note that I still have libssl1.0.2 installed additionally. Alright, after purging libssl1.0.2 (and the outdated packages which depended on it *cough*) I get the hang as well: % time perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com;, { data => "foo" }) or die' [long time nothing] perl -MLWP::UserAgent -e 0.18s user 0.02s system 0% cpu 3:06.66 total Thanks for the push in the right direction! > > % time perl -MLWP::UserAgent -e > > 'LWP::UserAgent->new->post("https://twitter.com;, { data => "foo" }) or die' > > perl -MLWP::UserAgent -e 0.13s user 0.02s system 36% cpu 0.415 total > > twitter.com doesn't support TLS 1.3 though, right? Good catch, I just wanted to try a random website which is IPv4-only. Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- NP: Furry Lewis: Billy lyons & stack o' lee signature.asc Description: Digital Signature
Bug#926212: gnome-shell crashed (segfault)
Hello Guenter Grodotzki, (I guess you wanted me to receive your last message, so you should use "reply all", or it gets just attached to your bug report.) I have left a note in this upstream report [1], lets see if they agree. Kind regards, Bernhard [1] https://gitlab.gnome.org/GNOME/gnome-shell/issues/822#note_484642 PS.: My untested change in message 10 might not crash, but lead to an infinitive loop, as app->running_state might not change anymore...
Bug#925455: alsa volume never saved/restored
* gregor herrmann [2019-04-07 18:16 +0200]: > On Sun, 07 Apr 2019 18:05:06 +0200, Elimar Riesebieter wrote: > > > > There is a commit in the packaging repo which claims to fix this bug: > > > https://salsa.debian.org/alsa-team/alsa-utils/commit/af161676131e94bbaed72f37d0c5d4c6685a119e > > Jordi is MIA at the moment. Tried to reach him since a few days. I > > can't upload the fix myself, though... > > I pinged him on a different channel, but if he doesn't have time I'm > happy to offer a sponsored upload to fix this bug. Would be nice. Yes, please :-) -- "Talking much about oneself can also be a means to conceal oneself." -Friedrich Nietzsche signature.asc Description: PGP signature
Bug#926603: Debian fails to start after installation into Virtualbox
Package: systemd Severity: critical I'm running Windows 10 (Home edition - up to date) on the desktop, with Virtualbox (v6.0.4). I've used both the netinst CD & the testing DVD (downloaded today - 07/Apr/2019) to install Buster. After installation the system fails to start with many errors. The first is : systemd[1]: user.slice: Failed to set inovcation ID for unit: File exists [FAILED]: Failed to start User and Session Slice. other services then fail to start : [FAILED] Failed to start Slices. [FAILED] Failed to listen on udev Kernel Socket. [FAILED] Failed to start Remote File Systems. [FAILED] Failed to listen on Syslog Socket. and many more, followed by systemd[1]: Timed out waiting for device /dev/disk/by-uuid/2cb finally [FAILED] Failed to start Network. At which point there is no more, the system just halts. Starting with "quiet" removed from linux invocation in grub, I see systemd[1]: systemd 241 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid) systemd[1]: Detected virtualization oracle. systemd[1]: Detected architecture x86-64. Welcome to Debian GNU/Linux buser/sid! -- Andy Ruddock andy.rudd...@rainydayz.org (OpenPGP Key ID 0xB0324245) signature.asc Description: OpenPGP digital signature
Bug#919914: gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue)
intrigeri: > Would you be interested in testing whether > https://gitlab.gnome.org/GNOME/gnome-settings-daemon/merge_requests/84 > fixes this problem for you? FWIW the patch proposed upstream applies nicely on top of our debian/unstable branch: https://salsa.debian.org/gnome-team/gnome-settings-daemon/merge_requests/3 I probably won't have time to test this myself in the next few days. Hoping this WIP MR might save someone else a tiny bit of time :) Cheers, -- intrigeri
Processed: found 919914 in 3.30.2-3
Processing commands for cont...@bugs.debian.org: > found 919914 3.30.2-3 Bug #919914 [gnome-settings-daemon] gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue) Marked as found in versions gnome-settings-daemon/3.30.2-3. > thanks Stopping processing here. Please contact me if you need assistance. -- 919914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919914 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926602: jinja2: CVE-2019-10906
Source: jinja2 Version: 2.10-1 Severity: grave Tags: patch security upstream Hi, The following vulnerability was published for jinja2. CVE-2019-10906[0]: | In Pallets Jinja before 2.10.1, str.format_map allows a sandbox | escape. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-10906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10906 [1] https://palletsprojects.com/blog/jinja-2-10-1-released/ [2] https://github.com/pallets/jinja/commit/a2a6c930bcca591a25d2b316fcfd2d6793897b26 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Bug#882324: marked as done (amavisd-new doesn't honor "originating" configuration flag, contrary to documentation)
Your message dated Sun, 07 Apr 2019 16:48:45 + with message-id and subject line Bug#882324: fixed in amavisd-new 1:2.11.0-6.1 has caused the Debian Bug report #882324, regarding amavisd-new doesn't honor "originating" configuration flag, contrary to documentation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882324: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882324 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: amavisd-new Version: 1:2.11.0-1 Severity: important Tags: upstream Dear Maintainer, amavisd-new contains detailed documentation about using the "originating" flag[0], but this is not actually supported. A solution[1] has been posted to the amavisd mailing list, but has been without response for over a year. It's curreently still a problem as evidenced by a thread on amavis-users[2] [0] https://www.ijs.si/software/amavisd/amavisd-new-docs.html#dkim-amavisd-path [1] https://lists.amavis.org/pipermail/amavis-users/2016-July/004428.html [2] https://lists.amavis.org/pipermail/amavis-users/2017-November/005116.html -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages amavisd-new depends on: ii adduser 3.116 ii debconf 1.5.63 ii file 1:5.32-1 ii libarchive-zip-perl 1.59-1 ii libberkeleydb-perl 0.55-1+b4 ii libconvert-tnef-perl 0.18-1 ii libconvert-uulib-perl1:1.5~dfsg-1 pn libdigest-md5-perl ii libio-stringy-perl 2.111-2 ii libmail-dkim-perl0.44-1 ii libmailtools-perl2.18-1 pn libmime-base64-perl ii libmime-tools-perl 5.509-1 ii libnet-libidn-perl 0.12.ds-2+b5 ii libnet-server-perl 2.008-4 ii libperl5.26 [libtime-hires-perl] 5.26.1-2 ii libunix-syslog-perl 1.1-2+b8 ii lsb-base 9.20170808 ii pax 1:20171021-1 ii perl 5.26.1-2 ii perl-modules-5.26 [libarchive-tar-perl] 5.26.1-2 Versions of packages amavisd-new recommends: ii altermime 0.3.10-9 ii libnet-patricia-perl 1.22-1+b4 ii ripole0.2.0+20081101.0215-4 Versions of packages amavisd-new suggests: pn apt-listchanges pn arj pn cabextract pn clamav pn clamav-daemon ii cpio 2.11+dfsg-6 pn dspam pn lhasa ii libauthen-sasl-perl 2.1600-1 ii libdbi-perl 1.637-1 ii libmail-dkim-perl0.44-1 ii libnet-ldap-perl 1:0.6500+dfsg-1 pn libsnmp-perl pn libzeromq-perl pn lzop pn nomarch pn p7zip pn rpm ii spamassassin 3.4.1-8 pn unrar -- Configuration Files: /etc/amavis/conf.d/01-debian /etc/amavis/conf.d/05-domain_id /etc/amavis/conf.d/05-node_id /etc/amavis/conf.d/15-av_scanners /etc/amavis/conf.d/15-content_filter_mode /etc/amavis/conf.d/20-debian_defaults /etc/amavis/conf.d/25-amavis_helpers /etc/amavis/conf.d/30-template_localization /etc/amavis/conf.d/50-user -- no debconf information --- End Message --- --- Begin Message --- Source: amavisd-new Source-Version: 1:2.11.0-6.1 We believe that the bug you reported is fixed in the latest version of amavisd-new, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 882...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Tobias Frost (supplier of updated amavisd-new package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org)
Bug#914034: Bug#911938: libhttp-daemon-ssl-perl FTBFS: tests fail: Connection refused
On Sun, 07 Apr 2019 at 18:12:45 +0200, gregor herrmann wrote: > On Sun, 18 Nov 2018 19:41:05 +0200, Niko Tyni wrote: > >> Reiterating a bit: the underlying issue with TLSv1.3 seems to be related >> to handling of 'non-application_data_records'. >> >> The client tries to POST but gets an 'SSL wants a read first' error, >> then waits until timeout for the socket to become writable. >> >> A simple way to reproduce it here is >> >> perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com;, >> { data => "foo" }) or die' >> >> which deadlocks for me. > > I can't reproduce this problem: Interesting, are you talking TLS 1.3? $ dpkg-query -l "libssl*" "libnet-ssleay-perl" "liblwp-protocol-https-perl" "libio-socket-ssl-perl" Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-==---= ii libio-socket-ssl-perl 2.060-3 all Perl module implementing object oriented interface to SSL sockets ii liblwp-protocol-https-perl 6.07-2 all HTTPS driver for LWP::UserAgent ii libnet-ssleay-perl 1.85-2+b1amd64Perl module for Secure Sockets Layer (SSL) ii libssl-dev:amd64 1.1.1b-1 amd64Secure Sockets Layer toolkit - development files un libssl-doc (no description available) un libssl0.9.8 (no description available) un libssl1.0-dev(no description available) ii libssl1.1:amd641.1.1b-1 amd64Secure Sockets Layer toolkit - shared libraries $ openssl req -x509 -newkey rsa:4096 -keyout /tmp/key.pem -out /tmp/cert.pem -subj /CN=example.net -nodes $ openssl s_server -accept 127.0.0.1:4433 -key /tmp/key.pem -cert /tmp/cert.pem -tls1_3 […] Then on a separate terminal, with SSL_MODE_AUTO_RETRY set (the default), it blocks on read(2): $ strace -eselect,read,write perl -MLWP::UserAgent -e 'LWP::UserAgent->new(ssl_opts => {verify_hostname => 0, SSL_ca_file => "/tmp/cert.pem"})->post("https://127.0.0.1:4433;, { data => "foo" })' […] select(8, [3], [3], NULL, {tv_sec=180, tv_usec=0}) = 2 (in [3], out [3], left {tv_sec=179, tv_usec=98}) read(3, "…", 5) = 5 read(3, "…", 250) = 250 read(3, "…", 5) = 5 read(3, "…", 250) = 250 read(3, With SSL_MODE_AUTO_RETRY cleared, the handshake terminates and it waits for the reply from the server: $ strace -eselect,read,write perl -MLWP::UserAgent -e 'LWP::UserAgent->new(ssl_opts => {verify_hostname => 0, SSL_ca_file => "/tmp/cert.pem"})->post("https://127.0.0.1:4433;, { data => "foo" })' […] select(8, [3], [3], NULL, {tv_sec=180, tv_usec=0}) = 2 (in [3], out [3], left {tv_sec=179, tv_usec=98}) read(3, "…", 5) = 5 read(3, "…", 250) = 250 write(3, "…", 216) = 216 select(8, [3], NULL, NULL, {tv_sec=180, tv_usec=0}) = 1 (in [3], left {tv_sec=179, tv_usec=99}) read(3, "…", 5) = 5 read(3, "…", 250) = 250 select(8, [3], NULL, NULL, {tv_sec=180, tv_usec=0} (and the connection closes gracefuly when I write “HTTP/1.1 200\r\nContent-Length: 0\r\n\r\n” from the server) > % time perl -MLWP::UserAgent -e > 'LWP::UserAgent->new->post("https://twitter.com;, { data => "foo" }) or die' > perl -MLWP::UserAgent -e 0.13s user 0.02s system 36% cpu 0.415 total twitter.com doesn't support TLS 1.3 though, right? $ openssl s_client -4 -connect twitter.com:443 -servername twitter.com -tls1_3 CONNECTED(0003) 139682444989504:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1536:SSL alert number 40 -- Guilhem. signature.asc Description: PGP signature
Bug#914034: Bug#911938: libhttp-daemon-ssl-perl FTBFS: tests fail: Connection refused
On Sun, 18 Nov 2018 19:41:05 +0200, Niko Tyni wrote: > Reiterating a bit: the underlying issue with TLSv1.3 seems to be related > to handling of 'non-application_data_records'. > > The client tries to POST but gets an 'SSL wants a read first' error, > then waits until timeout for the socket to become writable. > > A simple way to reproduce it here is > > perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com;, > { data => "foo" }) or die' > > which deadlocks for me. I can't reproduce this problem: % time perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com;, { data => "foo" }) or die' perl -MLWP::UserAgent -e 0.15s user 0.01s system 40% cpu 0.397 total Has there something changed in LWP::Protocol::https Net::HTTPS IO::Socket::SSL Net::SSLeay or something else, or is this some local environment thing? Also no issue with IPv4-only hosts: % time perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://twitter.com;, { data => "foo" }) or die' perl -MLWP::UserAgent -e 0.13s user 0.02s system 36% cpu 0.415 total Cheers, gregor, confused, as Guilhem (in message #71) could still reproduce it at 7 Apr 2019 -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- NP: Furry Lewis: Billy lyons & stack o' lee signature.asc Description: Digital Signature signature.asc Description: Digital Signature
Bug#925455: alsa volume never saved/restored
On Sun, 07 Apr 2019 18:05:06 +0200, Elimar Riesebieter wrote: > > There is a commit in the packaging repo which claims to fix this bug: > > https://salsa.debian.org/alsa-team/alsa-utils/commit/af161676131e94bbaed72f37d0c5d4c6685a119e > Jordi is MIA at the moment. Tried to reach him since a few days. I > can't upload the fix myself, though... I pinged him on a different channel, but if he doesn't have time I'm happy to offer a sponsored upload to fix this bug. Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- NP: Furry Lewis: Billy lyons & stack o' lee signature.asc Description: Digital Signature
Bug#925455: alsa volume never saved/restored
* gregor herrmann [2019-04-07 17:46 +0200]: > Control: tag -1 + patch pending > > On Mon, 25 Mar 2019 12:05:36 +0100, Laurent Bigonville wrote: > > > The more obvious solution would of course be to remove the condition in the > > .service file > > There is a commit in the packaging repo which claims to fix this bug: > https://salsa.debian.org/alsa-team/alsa-utils/commit/af161676131e94bbaed72f37d0c5d4c6685a119e Jordi is MIA at the moment. Tried to reach him since a few days. I can't upload the fix myself, though... Elimar -- We all know Linux is great... it does infinite loops in 5 seconds. -Linus Torvalds signature.asc Description: PGP signature
Bug#926305: nis startup scripts are completely broken
Hello everyone, Greetings from the Gothenburg BSP. If someone is interested in modernizing the nis package it seems like ArchLinux has native systemd units for nis and related services so I'd suggest importing those: https://aur.archlinux.org/packages/nis-utils/ https://www.archlinux.org/packages/core/x86_64/rpcbind/ See also https://wiki.archlinux.org/index.php/NIS Regards, Andreas Henriksson
Processed: Re: Bug#925455: alsa volume never saved/restored
Processing control commands: > tag -1 + patch pending Bug #925455 [alsa-utils] alsa volume never saved/restored Added tag(s) pending and patch. -- 925455: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925455 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#925455: alsa volume never saved/restored
Control: tag -1 + patch pending On Mon, 25 Mar 2019 12:05:36 +0100, Laurent Bigonville wrote: > The more obvious solution would of course be to remove the condition in the > .service file There is a commit in the packaging repo which claims to fix this bug: https://salsa.debian.org/alsa-team/alsa-utils/commit/af161676131e94bbaed72f37d0c5d4c6685a119e Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- NP: Furry Lewis: Billy lyons & stack o' lee signature.asc Description: Digital Signature
Bug#914034: bug in Net::SSLeay?
Control: usertag -1 bsp-2019-04-se-gothenburg Hi there, strace(1) shows a select(2) syscall indicating that the socket is ready for both read and write, but is later blocking on a read(2) without any write(2) taking place. select(8, [3], [3], NULL, {tv_sec=180, tv_usec=0}) = 2 (in [3], out [3], left {tv_sec=179, tv_usec=98}) read(3, "…", 5) = 5 read(3, "…", 156) = 156 read(3, Net::SSLeay warns: If you need to select(2) on the socket, go right ahead, but be warned that OpenSSL does some internal buffering so SSL_read does not always return data even if the socket selected for reading (just keep on selecting and trying to read). "Net::SSLeay" is no different from the C language OpenSSL in this respect. And indeed LWP::Protocol::http's use of select(2) on SSL sockets *does* assume that read/write readiness won't block. (If Net::SSLeay::read() returns -1, then the loop will retry later with SSL_ERROR_WANT_READ/WRITE.) However since OpenSSL 1.1.1 the SSL_MODE_AUTO_RETRY flag is on by default, which breaks that assumption: ssl_read(3) might block, even when select(2) claimed the socket had data to be read. SSL_MODE_AUTO_RETRY During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, SSL_read_ex(3) and SSL_read(3) can return with a failure and indicate the need to retry with SSL_ERROR_WANT_READ. If such a non-application data record was processed, the flag SSL_MODE_AUTO_RETRY causes it to try to process the next record instead of returning. […] In a blocking environment, applications are not always prepared to deal with the functions returning intermediate reports such as retry requests, and setting the SSL_MODE_AUTO_RETRY flag will cause the functions to only return after successfully processing an application data record or a failure. […] All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by default since 1.1.1. — https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_mode.html See also https://github.com/openssl/openssl/issues/6234 . I see several paths forward here: - Refactor LWP::Protocol::http's select loop to solve the assumption that's now broken with OpenSSL ≥1.1.1; or - Unset SSL_MODE_AUTO_RETRY in IO::Socket::SSL; or - Make context flags configurable in IO::Socket::SSL, and unset SSL_MODE_AUTO_RETRY from LWP. IMHO the first option is not ideal so late in the release cycle. The second option is the easiest to implement, and should™ be regression-free, but might confuse people who became used to OpenSSL ≥1.1.1's new context default flags. SSL_CTX_clear_mode(3) and SSL_CTRL_CLEAR_MODE macros are unfortunately not exposed to Net::SSLeay 1.85-2. The proper fix would be to expose these and release a new version of Net::SSLeay, of course, but for tests the macros can be taken from /usr/include/openssl/ssl.h: # define SSL_CTRL_CLEAR_MODE 78 […] # define SSL_CTX_clear_mode(ctx,op) \ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL) and used as is in IO::Socket::SSL.pm. With the following patch I'm again able to POST to HTTPS servers using TLS 1.3. --8<--->8-- --- a/IO/Socket/SSL.pm +++ b/IO/Socket/SSL.pm @@ -2433,6 +2433,7 @@ # cannot guarantee, that the location of the buffer stays constant Net::SSLeay::CTX_set_mode( $ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER|SSL_MODE_ENABLE_PARTIAL_WRITE); + Net::SSLeay::CTX_ctrl($ctx, 78, Net::SSLeay::MODE_AUTO_RETRY(), undef); if ( my $proto_list = $arg_hash->{SSL_npn_protocols} ) { return IO::Socket::SSL->_internal_error("NPN not supported in Net::SSLeay",9) --8<--->8-- (Again, I'm not proposing to patch IO::Socket::SSL as above :-) With MODE_AUTO_RETRY set — the default for OpenSSL ≥1.1.1 — one gets: $ strace -e trace=read,write,select perl -MLWP::UserAgent -e 'LWP::UserAgent->new(ssl_opts => {SSL_version => "TLSv1_3"})->post("https://facebook.com;, { data => "plonc" })'; […] select(8, [3], [3], NULL, {tv_sec=180, tv_usec=0}) = 2 (in [3], out [3], left {tv_sec=179, tv_usec=98}) read(3, "…", 5) = 5 read(3, "…", 156) = 156 read(3, And now with the MODE_AUTO_RETRY flag unset: $ select(8, [3], [3], NULL, {tv_sec=180, tv_usec=0}) = 2 (in [3], out [3], left {tv_sec=179, tv_usec=98}) read(3, "…", 5) = 5 read(3, "…", 156) = 156 write(3, "…", 217) = 217 select(8, [3], NULL, NULL, {tv_sec=180, tv_usec=0}) = 1 (in [3], left {tv_sec=179, tv_usec=870931}) read(3, "…", 5) = 5 read(3, "…", 361) = 361 Cheers, -- Guilhem. signature.asc Description: PGP signature
Bug#925909: marked as done (pbgenomicconsensus: autopkgtest regression)
Your message dated Sun, 07 Apr 2019 15:33:36 + with message-id and subject line Bug#925909: fixed in pbgenomicconsensus 2.3.2-5 has caused the Debian Bug report #925909, regarding pbgenomicconsensus: autopkgtest regression to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 925909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925909 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: pbgenomicconsensus Version: 2.3.2-1 Severity: serious X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: regression Hi Maintainer Since the upload of 2.3.2-1, pbgenomicconsensus has been failing its own autopkgtests [1] with the following error: autopkgtest [12:23:51]: test command2: [--- # Tests that need to be run by Jenkins but are slowing # down the development cycle, so aren't run by "tests" # target. PATH=`pwd`:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games cram --verbose --xunit-file=gc-extra-cram.xml `ls tests/cram/extra/*.t | grep -v arrow` tests/cram/extra/plurality-fluidigm.t: failed --- tests/cram/extra/plurality-fluidigm.t +++ tests/cram/extra/plurality-fluidigm.t.err @@ -8,12 +8,26 @@ Set the QV threshold to 10. $ variantCaller --algorithm=plurality -r $REFERENCE -q 10 -o variants.gff -o consensus.csv -o consensus.fastq $INPUT + Traceback (most recent call last): +File "/usr/bin/variantCaller", line 3, in + from GenomicConsensus.main import main +File "/usr/lib/python2.7/dist-packages/GenomicConsensus/main.py", line 16, in + from GenomicConsensus import reference +File "/usr/lib/python2.7/dist-packages/GenomicConsensus/reference.py", line 8, in + from .windows import holes, kCoveredIntervals, enumerateIntervals +File "/usr/lib/python2.7/dist-packages/GenomicConsensus/windows.py", line 14, in + from ConsensusCore import CoveredIntervals + ImportError: No module named ConsensusCore + [1] There are two true SNVs (and one diploid SNV that we miss right now). $ grep insertion variants.gff | wc | awk '{print $1}' + grep: variants.gff: No such file or directory 0 $ grep deletion variants.gff | wc | awk '{print $1}' + grep: variants.gff: No such file or directory 0 $ grep substitution variants.gff - EGFR_Exon_23\t.\tsubstitution\t48\t48\t.\t.\t.\treference=T;variantSeq=C;frequency=97;coverage=100;confidence=40 (esc) + grep: variants.gff: No such file or directory + [2] # Ran 1 tests, 0 skipped, 1 failed. make: *** [Makefile:25: extra-tests] Error 1 autopkgtest [12:23:52]: test command2: ---] autopkgtest [12:23:52]: test command2: - - - - - - - - - - results - - - - - - - - - - command2 FAIL non-zero exit status 2 Regards Graham [1] https://ci.debian.net/packages/p/pbgenomicconsensus/unstable/amd64/ --- End Message --- --- Begin Message --- Source: pbgenomicconsensus Source-Version: 2.3.2-5 We believe that the bug you reported is fixed in the latest version of pbgenomicconsensus, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 925...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Liubov Chuprikova (supplier of updated pbgenomicconsensus package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 07 Apr 2019 13:58:37 +0200 Source: pbgenomicconsensus Binary: pbgenomicconsensus python-pbgenomicconsensus Architecture: source Version: 2.3.2-5 Distribution: unstable Urgency: medium Maintainer: Debian Med Packaging Team Changed-By: Liubov Chuprikova Description: pbgenomicconsensus - Pacific Biosciences variant and consensus caller python-pbgenomicconsensus - Pacific Biosciences variant and consensus caller (Python 2) Closes: 925909 Changes: pbgenomicconsensus (2.3.2-5) unstable; urgency=medium . * Team upload. * Fix autopkgtest dependencies Closes: #925909 Checksums-Sha1: 3b66aefda41a10c6efc0bbb68eb4e9da02363c02 2525 pbgenomicconsensus_2.3.2-5.dsc 000ae613a5a54419564121511da922a75d1c04e6 20772 pbgenomicconsensus_2.3.2-5.debian.tar.xz Checksums-Sha256:
Processed: Re: ruby-pygments.rb: FTBFS randomly (failing tests)
Processing commands for cont...@bugs.debian.org: > retitle 923986 ruby-pygments.rb: FTBFS randomly (" class="ch">\#!\/usr\/bin\/ruby<\/span>/> was expected to be =~ ") Bug #923986 [src:ruby-pygments.rb] ruby-pygments.rb: FTBFS randomly (failing tests) Changed Bug title to 'ruby-pygments.rb: FTBFS randomly ("\#!\/usr\/bin\/ruby<\/span>/> was expected to be =~ ")' from 'ruby-pygments.rb: FTBFS randomly (failing tests)'. > thanks Stopping processing here. Please contact me if you need assistance. -- 923986: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923986 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926380: marked as done (golang-github-puerkitobio-purell: FTBFS (failing tests))
Your message dated Sun, 07 Apr 2019 15:18:31 + with message-id and subject line Bug#926380: fixed in golang-github-puerkitobio-purell 1.1.0-2 has caused the Debian Bug report #926380, regarding golang-github-puerkitobio-purell: FTBFS (failing tests) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 926380: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926380 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:golang-github-puerkitobio-purell Version: 1.1.0-1 Severity: serious Tags: ftbfs Dear maintainer: I tried to build this package in buster but it failed: [...] debian/rules build-indep dh build-indep --buildsystem=golang --with=golang dh_update_autotools_config -i -O--buildsystem=golang dh_auto_configure -i -O--buildsystem=golang dh_auto_build -i -O--buildsystem=golang cd obj-x86_64-linux-gnu && go install -gcflags=all=\"-trimpath=/<>/obj-x86_64-linux-gnu/src\" -asmflags=all=\"-trimpath=/<>/obj-x86_64-linux-gnu/src\" -v -p 1 github.com/PuerkitoBio/purell errors internal/cpu internal/bytealg internal/race runtime/internal/atomic runtime/internal/sys runtime sync/atomic sync io unicode unicode/utf8 bytes math syscall time internal/poll internal/syscall/unix internal/testlog os math/bits strconv reflect fmt sort strings net/url github.com/PuerkitoBio/urlesc golang.org/x/text/transform container/list log golang.org/x/text/unicode/bidi golang.org/x/text/secure/bidirule golang.org/x/text/unicode/norm golang.org/x/net/idna golang.org/x/text/width regexp/syntax regexp github.com/PuerkitoBio/purell dh_auto_test -i -O--buildsystem=golang cd obj-x86_64-linux-gnu && go test -vet=off -v -p 1 github.com/PuerkitoBio/purell === RUN TestRunner --- PASS: TestRunner (0.00s) purell_test.go:715: running LowerScheme... purell_test.go:715: running LowerScheme2... purell_test.go:715: running LowerHost... purell_test.go:715: running UpperEscapes... purell_test.go:715: running UnnecessaryEscapes... purell_test.go:715: running RemoveDefaultPort... purell_test.go:715: running RemoveDefaultPort2... purell_test.go:715: running RemoveDefaultPort3... purell_test.go:715: running Safe... purell_test.go:715: running BothLower... purell_test.go:715: running RemoveTrailingSlash... purell_test.go:715: running RemoveTrailingSlash2... purell_test.go:715: running RemoveTrailingSlash3... purell_test.go:715: running AddTrailingSlash... purell_test.go:715: running AddTrailingSlash2... purell_test.go:715: running AddTrailingSlash3... purell_test.go:715: running RemoveDotSegments... purell_test.go:715: running RemoveDotSegments2... purell_test.go:715: running UsuallySafe... purell_test.go:715: running RemoveDirectoryIndex... purell_test.go:715: running RemoveDirectoryIndex2... purell_test.go:715: running RemoveFragment... purell_test.go:715: running ForceHTTP... purell_test.go:715: running RemoveDuplicateSlashes... purell_test.go:715: running RemoveDuplicateSlashes2... purell_test.go:715: running RemoveWWW... purell_test.go:715: running RemoveWWW2... purell_test.go:715: running AddWWW... purell_test.go:715: running SortQuery... purell_test.go:715: running RemoveEmptyQuerySeparator... purell_test.go:715: running Unsafe... purell_test.go:715: running Safe2... purell_test.go:715: running UsuallySafe2... purell_test.go:715: running AddTrailingSlashBug... purell_test.go:715: running SourceModified... purell_test.go:715: running IPv6-1... purell_test.go:715: running IPv6-2... purell_test.go:715: running IPv6-3... purell_test.go:715: running IPv6-4... purell_test.go:715: running FTP... purell_test.go:715: running Standard-1... purell_test.go:715: running Standard-2... purell_test.go:715: running Standard-3... purell_test.go:715: running Standard-4... purell_test.go:715: running Standard-5... purell_test.go:715: running Standard-6... purell_test.go:715: running Standard-7... purell_test.go:715: running Standard-8... purell_test.go:715: running Standard-9... purell_test.go:715: running Standard-10... purell_test.go:715: running StandardCasesAddTrailingSlash... purell_test.go:715: running OctalIP-1... purell_test.go:715: running OctalIP-2... purell_test.go:715: running OctalIP-3... purell_test.go:715: running OctalIP-4... purell_test.go:715: running DWORDIP-1...
Processed: your mail
Processing commands for cont...@bugs.debian.org: > retitle 888547 CVE-2017-1000190: XXE vulnerability resulting in SSRF, > information disclosure, DoS, etc. Bug #888547 [src:simple-xml] CVE-2017-1000190 Changed Bug title to 'CVE-2017-1000190: XXE vulnerability resulting in SSRF, information disclosure, DoS, etc.' from 'CVE-2017-1000190'. > thanks Stopping processing here. Please contact me if you need assistance. -- 888547: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888547 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: sqlalchemy: CVE-2019-7164 CVE-2019-7548 (SQL injection)
Processing commands for cont...@bugs.debian.org: > retitle 922669 sqlalchemy: CVE-2019-7164 CVE-2019-7548 (SQL injection) Bug #922669 [src:sqlalchemy] sqlalchemy: CVE-2019-7164 CVE-2019-7548 Changed Bug title to 'sqlalchemy: CVE-2019-7164 CVE-2019-7548 (SQL injection)' from 'sqlalchemy: CVE-2019-7164 CVE-2019-7548'. > thanks Stopping processing here. Please contact me if you need assistance. -- 922669: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922669 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: CVE-2018-1000073
Processing commands for cont...@bugs.debian.org: > retitle 925986 CVE-2018-173: directory Traversal vulnerability in > install_location Bug #925986 [jruby] CVE-2018-173 Changed Bug title to 'CVE-2018-173: directory Traversal vulnerability in install_location' from 'CVE-2018-173'. > thanks Stopping processing here. Please contact me if you need assistance. -- 925986: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925986 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Bug #926380 in golang-github-puerkitobio-purell marked as pending
Processing control commands: > tag -1 pending Bug #926380 [src:golang-github-puerkitobio-purell] golang-github-puerkitobio-purell: FTBFS (failing tests) Added tag(s) pending. -- 926380: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926380 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926380: Bug #926380 in golang-github-puerkitobio-purell marked as pending
Control: tag -1 pending Hello, Bug #926380 in golang-github-puerkitobio-purell reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/go-team/packages/golang-github-puerkitobio-purell/commit/4b1efd9dfe93232d5b814c8cff961968a3418865 Add debian/patches/pr-29.patch https://github.com/PuerkitoBio/purell/pull/29 Closes: #926380 (this message was generated automatically) -- Greetings https://bugs.debian.org/926380
Bug#923930: testsuite comes with built-in time-bomb
Control: forwarded -1 https://github.com/heimdal/heimdal/issues/533 Greetings from the Gothenburg BSP. To summarize the above issue: - certs used in test-suite expired - upstream regenerated certs with 500 years expiration time set - this solves the issue on machines with 64bit time_t but 32bit machines still fails the test-suite. - A suggestion was made to generate certs that expire "Tue, 19 Jan 2038 03:14:06 GMT" instead. On the debian side of things: including the upstream diff is annoying because debian/patches/ (quilt 3.0) doesn't support git binary diffs. The lazy solution here is to argue that we don't want time-bombs and just disable the test-suite. The better solution involves generating the certificates so that they align with what 32bit machines can handle, uuencoding the result and setting up debian/rules handling to "manually patch" the build. Regards, Andreas Henriksson
Processed: testsuite comes with built-in time-bomb
Processing control commands: > forwarded -1 https://github.com/heimdal/heimdal/issues/533 Bug #923930 [src:heimdal] FTBFS: FAIL test_chain (exit status: 1) Set Bug forwarded-to-address to 'https://github.com/heimdal/heimdal/issues/533'. -- 923930: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923930 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926380: golang-github-puerkitobio-purell: FTBFS (failing tests)
Hi, On Sun, Apr 7, 2019 at 10:09 PM Andreas Henriksson wrote: > > Greetings from the Gothenburg BSP. > > This is the output I get when reproducing this issue: > > ---8<->8- > > --- FAIL: TestEncodeNecessaryEscapesAll (0.00s) > purell_test.go:761: Got error parse http://host/ > > > � net/url: invalid control character in URL > FAIL > exit status 1 > FAIL_/tmp/golang-github-puerkitobio-purell-1.1.00.003s > > ---8<->8- > > > net/url Parse now explicitly check that you don't pass in > "invalid" (non-encoded) urls and rejects them: > https://sources.debian.org/src/golang-1.11/1.11.6-1/src/net/url/url.go/?hl=498#L498 > > The NormalizeUrlString helper function starts out by passing the url > string to url.Parse: > https://sources.debian.org/src/golang-github-puerkitobio-purell/1.1.0-1/purell.go/#L153 > > The TestDecodeUnnecessaryEscapesAll function creates an url with control > characters and passes it to NormalizeURLString to try to get it > normalized/escaped. > > I'd say the design of the NormalizeUrlString function is broken and thus > it's not obvious to me how to fix it. I'd say that if you have a > non-normalized string you want encoded, you should pass it in as > something that doesn't need to be parsed. ie. use NormalizeUrl helper > function, which takes an Url type. > > Removing the NormalizeUrlString function however would be an API/ABI > break as it's publicly exported (and used by Hugo and Kubernetes)... > > Maybe open-coding some homebrew url parsing to fall back on could be > done to keep the function around. Sounds bad to think you know > better than net/url how to parse an url though. > > I'm attaching a patch which "fixes" this issue, but really it's most likely > a stupid and wrong things to do to solve this. It's just designed to > make the testsuite pass. As mentioned, I think the NormalizeURLString > function is incorrectly designed and there's no way to fix it (so should > be deprecated in favour of NormalizeURL). > Thus intentionally *not* tagging patch, as this is rather a "proof of > concept". > > Regards, > Andreas Henriksson Thanks for your great work! However it's already fixed by upstream, https://github.com/PuerkitoBio/purell/pull/29 If someone is going to upload the new version, please take upstream patch instead :/ -- Shengjing Zhu
Processed: bug 926380 is forwarded to https://github.com/PuerkitoBio/purell/issues/28
Processing commands for cont...@bugs.debian.org: > forwarded 926380 https://github.com/PuerkitoBio/purell/issues/28 Bug #926380 [src:golang-github-puerkitobio-purell] golang-github-puerkitobio-purell: FTBFS (failing tests) Set Bug forwarded-to-address to 'https://github.com/PuerkitoBio/purell/issues/28'. > thanks Stopping processing here. Please contact me if you need assistance. -- 926380: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926380 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#919914: gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue)
Hi Josh, Josh Triplett: > Recently, disabling the setting "Suspend when laptop lid is closed" > seems to have started preventing *any* action on lid close, including > locking the screen; Would you be interested in testing whether https://gitlab.gnome.org/GNOME/gnome-settings-daemon/merge_requests/84 fixes this problem for you? Cheers, -- intrigeri
Processed: reassign 919914 to gnome-settings-daemon, affects 919914, found 919914 in 3.31.90-1 ...
Processing commands for cont...@bugs.debian.org: > reassign 919914 gnome-settings-daemon Bug #919914 [gnome-tweaks] gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue) Bug reassigned from package 'gnome-tweaks' to 'gnome-settings-daemon'. No longer marked as found in versions gnome-tweaks/3.30.2-1. Ignoring request to alter fixed versions of bug #919914 to the same values previously set > affects 919914 + gnome-tweaks Bug #919914 [gnome-settings-daemon] gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue) Added indication that 919914 affects gnome-tweaks > found 919914 3.31.90-1 Bug #919914 [gnome-settings-daemon] gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue) Marked as found in versions gnome-settings-daemon/3.31.90-1. > found 919914 3.32.0-1 Bug #919914 [gnome-settings-daemon] gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue) Marked as found in versions gnome-settings-daemon/3.32.0-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 919914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919914 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: bug 919914 is forwarded to https://gitlab.gnome.org/GNOME/gnome-settings-daemon/merge_requests/84
Processing commands for cont...@bugs.debian.org: > forwarded 919914 > https://gitlab.gnome.org/GNOME/gnome-settings-daemon/merge_requests/84 Bug #919914 [gnome-tweaks] gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue) Set Bug forwarded-to-address to 'https://gitlab.gnome.org/GNOME/gnome-settings-daemon/merge_requests/84'. > thanks Stopping processing here. Please contact me if you need assistance. -- 919914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919914 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: CVE-2018-15587
Processing commands for cont...@bugs.debian.org: > retitle 924616 CVE-2018-15587: Signature Spoofing in PGP encrypted email Bug #924616 [src:evolution] CVE-2018-15587 Changed Bug title to 'CVE-2018-15587: Signature Spoofing in PGP encrypted email' from 'CVE-2018-15587'. > thanks Stopping processing here. Please contact me if you need assistance. -- 924616: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924616 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926380: golang-github-puerkitobio-purell: FTBFS (failing tests)
Greetings from the Gothenburg BSP. This is the output I get when reproducing this issue: ---8<->8- --- FAIL: TestEncodeNecessaryEscapesAll (0.00s) purell_test.go:761: Got error parse http://host/ � net/url: invalid control character in URL FAIL exit status 1 FAIL_/tmp/golang-github-puerkitobio-purell-1.1.00.003s ---8<->8- net/url Parse now explicitly check that you don't pass in "invalid" (non-encoded) urls and rejects them: https://sources.debian.org/src/golang-1.11/1.11.6-1/src/net/url/url.go/?hl=498#L498 The NormalizeUrlString helper function starts out by passing the url string to url.Parse: https://sources.debian.org/src/golang-github-puerkitobio-purell/1.1.0-1/purell.go/#L153 The TestDecodeUnnecessaryEscapesAll function creates an url with control characters and passes it to NormalizeURLString to try to get it normalized/escaped. I'd say the design of the NormalizeUrlString function is broken and thus it's not obvious to me how to fix it. I'd say that if you have a non-normalized string you want encoded, you should pass it in as something that doesn't need to be parsed. ie. use NormalizeUrl helper function, which takes an Url type. Removing the NormalizeUrlString function however would be an API/ABI break as it's publicly exported (and used by Hugo and Kubernetes)... Maybe open-coding some homebrew url parsing to fall back on could be done to keep the function around. Sounds bad to think you know better than net/url how to parse an url though. I'm attaching a patch which "fixes" this issue, but really it's most likely a stupid and wrong things to do to solve this. It's just designed to make the testsuite pass. As mentioned, I think the NormalizeURLString function is incorrectly designed and there's no way to fix it (so should be deprecated in favour of NormalizeURL). Thus intentionally *not* tagging patch, as this is rather a "proof of concept". Regards, Andreas Henriksson diff -uriNp golang-github-puerkitobio-purell-1.1.0/purell.go golang-github-puerkitobio-purell-1.1.0-fixed/purell.go --- golang-github-puerkitobio-purell-1.1.0/purell.go 2016-11-15 03:49:42.0 +0100 +++ golang-github-puerkitobio-purell-1.1.0-fixed/purell.go 2019-04-07 16:00:06.039745498 +0200 @@ -12,6 +12,7 @@ import ( "sort" "strconv" "strings" + "errors" "github.com/PuerkitoBio/urlesc" "golang.org/x/net/idna" @@ -147,10 +148,43 @@ func MustNormalizeURLString(u string, f return result } +func myURLParse(u string) (*url.URL, error) { + // first try to parse the url as normal and return it if successful + parsed, err := url.Parse(u) + if err == nil { + return parsed, nil + } + + // path possibly contains control characters, which url.Parse + // doesn't allow. Try to parse url without path and then add it. + + // find third / and assume that's where path starts. + parts := strings.SplitN(u, "/", 4) + + var noPathURL string + if len(parts) != 4 { + return nil, errors.New("Failed to find start of path in url") + } + noPathURL = strings.Join(parts[:3], "/") + + parsed, err = url.Parse(noPathURL) + if err != nil { + return nil, err + } + + pathquery := strings.SplitN(parts[3], "#", 2) + parsed.Path = pathquery[0] + if len(pathquery) > 1 { + parsed.Fragment = pathquery[1] + } + + return parsed, nil +} + // NormalizeURLString returns the normalized string, or an error if it can't be parsed into an URL object. // It takes an URL string as input, as well as the normalization flags. func NormalizeURLString(u string, f NormalizationFlags) (string, error) { - parsed, err := url.Parse(u) + parsed, err := myURLParse(u) if err != nil { return "", err }
Processed: Re: src:lexicon: Build-Depends on to be removed package
Processing commands for cont...@bugs.debian.org: > retitle 926541 src:lexicon: Build-Depends on python-softlayer which will be > removed Bug #926541 [src:lexicon] src:lexicon: Build-Depends on to be removed package Changed Bug title to 'src:lexicon: Build-Depends on python-softlayer which will be removed' from 'src:lexicon: Build-Depends on to be removed package'. > thanks Stopping processing here. Please contact me if you need assistance. -- 926541: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926541 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926542: marked as done (javatools: jh_build -N has undefined behaviour (--no-package vs. --no-javadoc))
Your message dated Sun, 07 Apr 2019 13:34:12 + with message-id and subject line Bug#926542: fixed in javatools 0.72.8 has caused the Debian Bug report #926542, regarding javatools: jh_build -N has undefined behaviour (--no-package vs. --no-javadoc) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 926542: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926542 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: javahelper Version: 0.72.4 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, I'm experiencing random failures while building hdf5 for unstable using sbuild. Starting with javahelper 0.72.4, the debian/rules clean target randomly reports: make[1]: Leaving directory '/<>/hdf5-1.10.5+repack' dh_autoreconf_clean jh_clean Unknown option: l Unknown option: b Usage: jh_build [options] jh_build is a part of debhelper. See debhelper(7) and jh_build(1) for complete usage instructions. This failure occurs about one time in two. The clean target doesn't fail despite this error, but subsequent calls to jh_build fail the very same way, causing hdf5 to FTBS. This behavior occurs only when I use DH_OPTION="-N..." to skip some binary packages: $ DH_OPTIONS="-Nlibhdf5-openmpi-103" jh_clean Unknown option: l Unknown option: b Usage: jh_build [options] jh_build is a part of debhelper. See debhelper(7) and jh_build(1) for complete usage instructions. I can somewhat reproduce it on another java packages. For example mac-widgets: (unstable-amd64-sbuild)/<>/mac-widgets-0.10.0+svn416-dfsg1$ DH_OPTIONS="-Nlibmac-widgets-java" jh_clean Unknown option: l Unknown option: b jh_build: warning: ignored unknown options in DH_OPTIONS But in this case jh_build states it ignores DH_OPTIONS content. Release 0.72.2 of javahelper is OK. Thanks, _g. -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEoJObzArDE05WtIyR7+hsbH/+z4MFAlyo7C4ACgkQ7+hsbH/+ z4NjkQgAma6UaCbJ/ab+8HPqUUjG5s2u+iXIqVc1B2W+eB4rRx8adcSIsBWQDc88 q5gcAfcNzxnG0YUZimy8lyrE5yoyUKTe+6B2crhT1z10wkYVCJENkP0BQDgZBkhW XAVtUVXmwS71tJP/wUh84+F0LSRu3OFtKi92augSfxFZXm90j3uAeh9QBKwYpglg 9Tz9Rrsnjb9yu5W95XyWBRGwoOXUqRuD1mjgsX9TVwpN4jMwfd7dBw5VDIH27JWs ZYX7K9k9lPOJzyzIYF7kXRMdl/h9YPE1WAQIuxfmfjnvpu1AQDowO8mrya4XhJZO TxpqaSLhhX2geGeGDr/Fi7Mh9J+UjQ== =jYwS -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Source: javatools Source-Version: 0.72.8 We believe that the bug you reported is fixed in the latest version of javatools, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 926...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Niels Thykier (supplier of updated javatools package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 07 Apr 2019 13:18:04 + Source: javatools Architecture: source Version: 0.72.8 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers Changed-By: Niels Thykier Closes: 925507 926542 Changes: javatools (0.72.8) unstable; urgency=medium . * Team upload. * jh_build: Fix a regression in 0.72.7 where the first parameter of debian/javabuild was incorrectly interpreted as a glob that had to match something (rather than the name of the output file). Thanks to Ole Streicher for reporting this issue. (Closes: #925507) * jh_build: Deprecate -N as short form of --no-javadoc and add a work around to make -N work reliably. This fixes -N being either --no-package or --no-javadoc with a 50/50 probability. Thanks to Gilles Filippini for reporting the issue. (Closes: #926542) Checksums-Sha1: 1531a80b14961df76cd7e75042c1b34f516d7898 1869 javatools_0.72.8.dsc 5cfc42e15a932107b53c7d30471baf5f1782de9a 54200 javatools_0.72.8.tar.xz d7982c1e7ae383e4693c079c4fb8e94cc4112e39 9874 javatools_0.72.8_source.buildinfo Checksums-Sha256: de581a3a952404e5b3f9b1d877f3e0961624c82bc093b140362e16e976a0a7d9 1869 javatools_0.72.8.dsc d858d72bb4233f49d1bc14a147625b090cd32295704ee51a7cfdb035176a2ff2 54200 javatools_0.72.8.tar.xz
Bug#925507: marked as done (jh_build fails when source files are specified)
Your message dated Sun, 07 Apr 2019 13:34:12 + with message-id and subject line Bug#925507: fixed in javatools 0.72.8 has caused the Debian Bug report #925507, regarding jh_build fails when source files are specified to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 925507: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925507 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: javahelper Version: 0.72.6 Severity: serious Control: affects -1 src:healpix-java Control: blocks -1 923752 The javahelper package fails when files are specified as src. The source package healpix-java has the following debian/javabuild: healpix.jar src/healpix/essentials/*.java When I compile this (healpix-java version 3.40-1), I get the following error (the files ofcourse exist): jh_build jh_build: Ignoring src/healpix/essentials/*.java because it does not exist When I include the options in d/rules instead: override_jh_build: jh_build healpix.jar src/healpix/essentials/*.java [...] I get a very mystic error: jh_build healpix.jar src/healpix/essentials/*.java error: invalid flag: -quiet Usage: javac use --help for a list of possible options jh_build: /usr/lib/jvm/default-java/bin/javac -g -cp /usr/share/java/fits.jar:_jh_build.healpix -d debian/_jh_build.healpix -quiet -encoding ISO8859-1 -source 1.7 -target 1.7 src/healpix/essentials/CircleFinder.java src/healpix/essentials/Compressor.java src/healpix/essentials/Constants.java src/healpix/essentials/FastMath.java src/healpix/essentials/FitsUtil.java src/healpix/essentials/Fxyf.java src/healpix/essentials/HealpixBase.java src/healpix/essentials/HealpixMapDouble.java src/healpix/essentials/HealpixMapFloat.java src/healpix/essentials/HealpixProc.java src/healpix/essentials/HealpixTables.java src/healpix/essentials/HealpixUtils.java src/healpix/essentials/Hploc.java src/healpix/essentials/Moc.java src/healpix/essentials/MocFitsIO.java src/healpix/essentials/MocQuery.java src/healpix/essentials/MocStringIO.java src/healpix/essentials/Pointing.java src/healpix/essentials/RangeSet.java src/healpix/essentials/Scheme.java src/healpix/essentials/Vec3.java src/healpix/essentials/Zphi.java src/healpix/essentials/package-info.java returned exit code 2 Looking into the sources show that the "-quiet" flag is indeed unconditionally added there, and seems to not work at least with the current openjdk-11-jdk-headless:amd64 (11.0.3+4-1). https://salsa.debian.org/java-team/javatools/blob/master/jh_build#L229 Best regards Ole --- End Message --- --- Begin Message --- Source: javatools Source-Version: 0.72.8 We believe that the bug you reported is fixed in the latest version of javatools, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 925...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Niels Thykier (supplier of updated javatools package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 07 Apr 2019 13:18:04 + Source: javatools Architecture: source Version: 0.72.8 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers Changed-By: Niels Thykier Closes: 925507 926542 Changes: javatools (0.72.8) unstable; urgency=medium . * Team upload. * jh_build: Fix a regression in 0.72.7 where the first parameter of debian/javabuild was incorrectly interpreted as a glob that had to match something (rather than the name of the output file). Thanks to Ole Streicher for reporting this issue. (Closes: #925507) * jh_build: Deprecate -N as short form of --no-javadoc and add a work around to make -N work reliably. This fixes -N being either --no-package or --no-javadoc with a 50/50 probability. Thanks to Gilles Filippini for reporting the issue. (Closes: #926542) Checksums-Sha1: 1531a80b14961df76cd7e75042c1b34f516d7898 1869 javatools_0.72.8.dsc 5cfc42e15a932107b53c7d30471baf5f1782de9a 54200 javatools_0.72.8.tar.xz d7982c1e7ae383e4693c079c4fb8e94cc4112e39 9874 javatools_0.72.8_source.buildinfo Checksums-Sha256:
Processed: closing 926587
Processing commands for cont...@bugs.debian.org: > close 926587 1.4.20-1.1+deb8u2 Bug #926587 {Done: "Chris Lamb" } [roundup] roundup: CVE-2019-10904 There is no source info for the package 'roundup' at version '1.4.20-1.1+deb8u2' with architecture '' Unable to make a source version for version '1.4.20-1.1+deb8u2' Marked as fixed in versions 1.4.20-1.1+deb8u2. Bug #926587 {Done: "Chris Lamb" } [roundup] roundup: CVE-2019-10904 Bug 926587 is already marked as done; not doing anything. > thanks Stopping processing here. Please contact me if you need assistance. -- 926587: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926587 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926587: closing 926587
close 926587 1.4.20-1.1+deb8u2 thanks
Processed: retitle 926593
Processing commands for cont...@bugs.debian.org: > retitle 926593 llvm-toolchain-8: unicode non free license Bug #926593 [llvm-toolchain-8] llvm-toolchain-7: unicode non free license Changed Bug title to 'llvm-toolchain-8: unicode non free license' from 'llvm-toolchain-7: unicode non free license'. > found 926593 1:8-3 Bug #926593 [llvm-toolchain-8] llvm-toolchain-8: unicode non free license There is no source info for the package 'llvm-toolchain-8' at version '1:8-3' with architecture '' Unable to make a source version for version '1:8-3' Marked as found in versions 1:8-3. > thanks Stopping processing here. Please contact me if you need assistance. -- 926593: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926593 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#925473: tomcat9: sysvinit script missing (Policy §9.11¶2 “must”)
On Sun, 7 Apr 2019, Ivo De Decker wrote: > Also, I'm not sure adding an init script now is an approriate change > for the freeze. It is, it only touches systems on which it previously did not work. > Some other changes suggested in this bug (like changes in systemd) > certainly are not. This was discussed for later. Emmanuel agreed that, if those changes were not implemented for buster, the suggested patch to restore user creation with adduser (trivial, fits into less than an ANSI screen page, easy to audit) can go into this for buster. > This bug should not be used as an argument to force these kind of > changes for buster. Indeed, and that was never my intention. I would like to respectfully ask that this *not* be buster-ignored, and to review the attached patch, which has been tested to indeed unbreak sysvinit (and fixed some bugs detected during that). Thanks in advance, //mirabilos -- tarent solutions GmbH Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/ Tel: +49 228 54881-393 • Fax: +49 228 54881-235 HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941 Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steegdiff -Nru tomcat9-9.0.16/debian/README.Debian tomcat9-9.0.16/debian/README.Debian --- tomcat9-9.0.16/debian/README.Debian 2019-02-05 10:11:13.0 +0100 +++ tomcat9-9.0.16/debian/README.Debian 2019-04-01 16:26:55.0 +0200 @@ -54,6 +54,13 @@ systemctl daemon-reload systemctl restart tomcat9 +⚠ This is supported only when Tomcat is started with the systemd unit. + +Using Tomcat with other init systems is supported, however that will +negate the security hardening detailed above, make Tomcat not have +its own temporary directory, not drop privileges/capabilities after +start, and not be restarted on crashing. Use at your own risk. + * To run more than one Tomcat instance on your server, install the package tomcat9-user and run the tomcat9-instance-create utility. You should remove the tomcat9 package if you don't want Tomcat to diff -Nru tomcat9-9.0.16/debian/changelog tomcat9-9.0.16/debian/changelog --- tomcat9-9.0.16/debian/changelog 2019-02-26 09:31:13.0 +0100 +++ tomcat9-9.0.16/debian/changelog 2019-04-02 22:54:17.0 +0200 @@ -1,3 +1,21 @@ +tomcat9 (9.0.16-4) unstable; urgency=medium + + * Team upload. + * debian/logging.properties: Add commented-out non-systemd configuration + * Make tomcat9 installable without systemd: +- Readd logic to create the system user via adduser +- Add sysvinit script, for init independence (Closes: #925473) + * debian/README.Debian: Document non-systemd risks + * debian/libexec/tomcat-locate-java.sh: Remove shebang and make +not executable as this is only ever sourced (makes no sense otherwise) + * Make the systemd startup script honour the (renamed) $SECURITY_MANAGER + * Remove -XX:+UseG1GC from standard JAVA_OPTS; the JRE chooses +a suitable GC automatically anyway (Closes: #925928) + * Correct the ownership and permissions on the log directory: +group adm and setgid (Closes: #925929) + + -- Thorsten Glaser Tue, 02 Apr 2019 22:54:17 +0200 + tomcat9 (9.0.16-3) unstable; urgency=medium * Removed read/write access to /var/lib/solr (Closes: #923299) diff -Nru tomcat9-9.0.16/debian/control tomcat9-9.0.16/debian/control --- tomcat9-9.0.16/debian/control 2019-02-05 10:53:30.0 +0100 +++ tomcat9-9.0.16/debian/control 2019-04-01 16:26:55.0 +0200 @@ -47,7 +47,7 @@ Architecture: all Depends: lsb-base (>= 3.0-6), - systemd (>= 215), + systemd (>= 215) | adduser, tomcat9-common (>= ${source:Version}), ucf, ${misc:Depends} diff -Nru tomcat9-9.0.16/debian/copyright tomcat9-9.0.16/debian/copyright --- tomcat9-9.0.16/debian/copyright 2019-02-05 10:11:13.0 +0100 +++ tomcat9-9.0.16/debian/copyright 2019-04-01 16:26:55.0 +0200 @@ -49,6 +49,7 @@ 2013-2014, Gianfranco Costamagna 2013-2018, Emmanuel Bourg 2001-2017, Markus Koschany + 2015–2019, mirabilos License: Apache-2.0 License: Apache-2.0 diff -Nru tomcat9-9.0.16/debian/default.template tomcat9-9.0.16/debian/default.template --- tomcat9-9.0.16/debian/default.template 2019-02-05 10:11:13.0 +0100 +++ tomcat9-9.0.16/debian/default.template 2019-04-01 17:15:52.0 +0200 @@ -3,9 +3,10 @@ # OpenJDK and the Oracle JDK are tried. #JAVA_HOME=/usr/lib/jvm/java-8-openjdk -# You may pass JVM startup parameters to Java here. If unset, the default -# options will be: -Djava.awt.headless=true -XX:+UseG1GC -JAVA_OPTS="-Djava.awt.headless=true -XX:+UseG1GC" +# You may pass JVM startup parameters to Java here. If you run Tomcat with +# Java 8 instead of 9 or newer, add "-XX:+UseG1GC" to select a suitable GC. +# If unset, the default options will be: -Djava.awt.headless=true +JAVA_OPTS="-Djava.awt.headless=true" # To enable remote debugging uncomment the
Processed: tagging 902255 and 916945
Processing commands for cont...@bugs.debian.org: > clone 916945 -1 Bug #916945 [src:llvm-toolchain-7] llvm-toolchain-7: unicode non free license Bug 916945 cloned as bug 926593 > reassign -1 llvm-toolchain-8 Bug #926593 [src:llvm-toolchain-7] llvm-toolchain-7: unicode non free license Bug reassigned from package 'src:llvm-toolchain-7' to 'llvm-toolchain-8'. No longer marked as found in versions llvm-toolchain-7/1:7.0.1-1. Ignoring request to alter fixed versions of bug #926593 to the same values previously set > # it looks like the offending file is available under a different license so > # it probably is a license documentation issue rather than a non-free file > tags 902255 buster-ignore Bug #902255 [src:llvm-toolchain-6.0] llvm-toolchain-6.0: unicode non free license Added tag(s) buster-ignore. > tags 916945 buster-ignore Bug #916945 [src:llvm-toolchain-7] llvm-toolchain-7: unicode non free license Added tag(s) buster-ignore. > thanks Stopping processing here. Please contact me if you need assistance. -- 902255: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902255 916945: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916945 926593: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926593 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#925473: tomcat9: sysvinit script missing (Policy §9.11¶2 “must”)
Processing control commands: > tags -1 buster-ignore Bug #925473 [tomcat9] tomcat9: sysvinit script missing (Policy §9.11¶2 “must”) Added tag(s) buster-ignore. -- 925473: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925473 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#925473: tomcat9: sysvinit script missing (Policy §9.11¶2 “must”)
Control: tags -1 buster-ignore Hi, On Wed, Apr 03, 2019 at 02:33:47PM +0200, Thorsten Glaser wrote: > On Wed, 3 Apr 2019, Emmanuel Bourg wrote: > > > > I really insist on being able to install tomcat9 without having to > > > install a whole other init system, even if it is not used. > > > > See this as a compromise? > > I don’t know… the missing initscript is an RC bug, so the compromise > would start _after_ it’s added… I'm tagging this bug buster-ignore, because we're not going to delay buster for it. Also, I'm not sure adding an init script now is an approriate change for the freeze. Some other changes suggested in this bug (like changes in systemd) certainly are not. This bug should not be used as an argument to force these kind of changes for buster. Thanks, Ivo
Bug#923986: ruby-pygments.rb: FTBFS randomly (failing tests)
Santiago Vila wrote: > I tried to build this package in buster but it failed: Hm, I've just built this package 20 times in sid and the tests pass every time. > My recommendation is that the failing tests are simply disabled for buster. If it's a specific test, then I recommend just disabling that one or (better) explicitly marking it as XFAIL. Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk `-
Processed: Re: Bug#916145: closure-compiler: Not working with recent JS code
Processing control commands: > severity -1 important Bug #916145 [closure-compiler] closure-compiler: Not working with recent JS code Severity set to 'important' from 'serious' -- 916145: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916145 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#916145: closure-compiler: Not working with recent JS code
Control: severity -1 important Hi, On Sun, Apr 07, 2019 at 11:16:53AM +0300, Adrian Bunk wrote: > > Adrian: you raised the severity, care to lower it until buster is > > out (or say some words on why)? > > IMHO the release team adding a buster-ignore tag would be the best way > forward here - this would still show up as RC bug for bullseye. No. Downgrading is the way forward. If you want to update the package for bullseye, filing an RC bug is not the way to do it. Joining the team and preparing a new package (after the freeze) is. Thanks, Ivo
Processed: severity of 926542 is serious ...
Processing commands for cont...@bugs.debian.org: > severity 926542 serious Bug #926542 [javahelper] jh_build: randomly fails with DH_OPTIONS="-N..." Severity set to 'serious' from 'normal' > retitle 926542 javatools: jh_build -N has undefined behaviour (--no-package > vs. --no-javadoc) Bug #926542 [javahelper] jh_build: randomly fails with DH_OPTIONS="-N..." Changed Bug title to 'javatools: jh_build -N has undefined behaviour (--no-package vs. --no-javadoc)' from 'jh_build: randomly fails with DH_OPTIONS="-N..."'. > thanks Stopping processing here. Please contact me if you need assistance. -- 926542: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926542 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#905446: haskell-hackage-mirror: FTBFS: Module `Control.Monad.Trans.Resource' does not export `monadThrow'
This package is deprecated. https://github.com/fpco/hackage-mirror Regards
Processed: Re: FTBFS on at least two architectures: test failure in the enigma algorithm
Processing commands for cont...@bugs.debian.org: > tags 917203 + pending Bug #917203 [src:libmcrypt] FTBFS on at least two architectures: test failure in the enigma algorithm Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 917203: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917203 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#917203: FTBFS on at least two architectures: test failure in the enigma algorithm
tags 917203 + pending thanks I've uploaded libmcrypt 2.5.8-3.4 to DELAYED/5: libmcrypt (2.5.8-3.4) unstable; urgency=medium * Non-maintainer upload. * Fix FTBFS on at least two architectures due to test failures in the "enigma". Thanks to Göran Weinholt (weinholt) for the patch. (Closes: #917203) * Update Vcs-{Git,Browser} to point to salsa.debian.org. The full debdiff is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- diffstat for libmcrypt_2.5.8-3.3 libmcrypt_2.5.8-3.4 libmcrypt-2.5.8/debian/changelog | 10 ++ libmcrypt-2.5.8/debian/control |4 ++-- modules/algorithms/enigma.h | 10 +- 3 files changed, 17 insertions(+), 7 deletions(-) diff -u libmcrypt-2.5.8/debian/changelog libmcrypt-2.5.8/debian/changelog --- libmcrypt-2.5.8/debian/changelog +++ libmcrypt-2.5.8/debian/changelog @@ -1,3 +1,13 @@ +libmcrypt (2.5.8-3.4) unstable; urgency=medium + + * Non-maintainer upload. + * Fix FTBFS on at least two architectures due to test failures in the +"enigma". Thanks to Göran Weinholt (weinholt) for the patch. +(Closes: #917203) + * Update Vcs-{Git,Browser} to point to salsa.debian.org. + + -- Chris Lamb Sun, 07 Apr 2019 14:38:10 +0200 + libmcrypt (2.5.8-3.3) unstable; urgency=low * Non-maintainer upload. diff -u libmcrypt-2.5.8/debian/control libmcrypt-2.5.8/debian/control --- libmcrypt-2.5.8/debian/control +++ libmcrypt-2.5.8/debian/control @@ -3,8 +3,8 @@ Priority: optional Maintainer: RISKO Gergely Build-Depends: debhelper (>= 7.0.50), dh-autoreconf, libltdl-dev -Vcs-Browser: http://git.debian.org/?p=collab-maint/libmcrypt.git;a=summary -Vcs-Git: git://git.debian.org/collab-maint/libmcrypt.git +Vcs-Browser: http://salsa.debian.org/debian/libmcrypt +Vcs-Git: http://salsa.debian.org/debian/libmcrypt.git Homepage: http://mcrypt.sourceforge.net/ Standards-Version: 3.8.1 --- libmcrypt-2.5.8.orig/modules/algorithms/enigma.h +++ libmcrypt-2.5.8/modules/algorithms/enigma.h @@ -3,11 +3,11 @@ #define MASK 0377 typedef struct crypt_key { - char t1[ROTORSZ]; - char t2[ROTORSZ]; - char t3[ROTORSZ]; - char deck[ROTORSZ]; - char cbuf[13]; + signed char t1[ROTORSZ]; + signed char t2[ROTORSZ]; + signed char t3[ROTORSZ]; + signed char deck[ROTORSZ]; + signed char cbuf[13]; int n1, n2, nr1, nr2; } CRYPT_KEY;
Bug#900912: Enabling jaw (Java-atk-wrapper) by default ? (Bug#900912)
If enabled by default, please offer a reliable way for applications to disable it. We don't need it for JOSM, and we have been so impacted with jaw's problems in the past years that we will never want it enabled by default for us. Le dim. 7 avr. 2019 à 12:08, Samuel Thibault a écrit : > Hello, > > Matthias Klose, le sam. 06 avril 2019 15:46:21 +0200, a ecrit: > > On 06.04.19 15:13, Paul Gevers wrote: > > > We're late already, I would want this rather sooner than latter > > > in buster, such that there is some real live testing before we release. > > > Sure, there are chances for bugs, but if that's the case, let's find > > > them and fix them. > > > > I disagree. I'll do the next upload with Samuel's proposed patches, not > > enabling that by default, together with the planned security update. > Then > > people can start testing if the wrapper works. > > Well, I'm afraid that what will happen is that the people who will > test will simply find out that it just works for them (just like it > does already for them with openjdk-8) ; will we then conclude near the > release that it should be enabled by default for Buster, and then be hit > by the much wider exposition to jaw? > > If on the contrary we enable it by default during the freeze, we will > have *way* more testing coverage, and thus be much more confident with > keeping it enabled by default in Buster if we don't see bug reports. > > > Enabling features during the freeze which were broken most of the time > > during the development cycle sounds risky. > > Just ftr: what was broken was the load of jaw in openjdk-11, jaw itself > seems to work in openjdk-8 for people needing it. > > Samuel >
Processed: Patch for the enigma algorithm
Processing commands for cont...@bugs.debian.org: > tags 917203 + patch Bug #917203 [src:libmcrypt] FTBFS on at least two architectures: test failure in the enigma algorithm Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 917203: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917203 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#917203: Patch for the enigma algorithm
tags 917203 + patch thanks Hello, greetings from the BSP in Gothenburg. Please find attached a patch that fixes the libmcrypt ftbfs on armel. Regards, -- Göran Weinholt https://weinholt.se/ --- modules/algorithms/enigma.h.orig 2002-03-09 21:17:08.0 +0100 +++ modules/algorithms/enigma.h 2019-04-07 13:54:03.0 +0200 @@ -3,11 +3,11 @@ #define MASK 0377 typedef struct crypt_key { - char t1[ROTORSZ]; - char t2[ROTORSZ]; - char t3[ROTORSZ]; - char deck[ROTORSZ]; - char cbuf[13]; + signed char t1[ROTORSZ]; + signed char t2[ROTORSZ]; + signed char t3[ROTORSZ]; + signed char deck[ROTORSZ]; + signed char cbuf[13]; int n1, n2, nr1, nr2; } CRYPT_KEY;
Bug#926591: libelogind0: does not ship SONAME link /lib//libelogind.so.0 -> libsystemd.so.0.25.0
Package: libelogind0 Version: 241.1-1+debian1 Severity: serious Tags: patch User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package does not ship the SONAME link for its library (Policy 8.1). That link got created later by ldconfig. >From the attached log (scroll to the bottom...): 0m16.6s DEBUG: Starting command: ['chroot', '/srv/piuparts/tmp/tmpL2PdQe', 'tmp/scripts/pre_remove_40_find_unowned_lib_links'] 0m17.2s DUMP: UNOWNED SYMLINK /lib/x86_64-linux-gnu/libelogind.so.0 -> libsystemd.so.0.25.0 0m17.2s DEBUG: Command ok: ['chroot', '/srv/piuparts/tmp/tmpL2PdQe', 'tmp/scripts/pre_remove_40_find_unowned_lib_links'] I think the symlink setup is overly complicated by using both /lib and /usr/lib. You should either move everything to /lib (if that is really required for compatibility with libsystemd0) or just restrict to /usr/lib (as done in my patch). I also think you don't need libsystemd.so.0.25.0 symlinks at all, a libsystemd.so.0 -> libelogind.so.0 symlink should be sufficient. This produces some noise in piuparts tests and therefore I'd like to see it fixed for buster. Andreas >From 331f7543426163abf628ae13feee4c2253e930c8 Mon Sep 17 00:00:00 2001 From: Andreas Beckmann Date: Sun, 7 Apr 2019 13:32:25 +0200 Subject: [PATCH] simplify compat symlink setup --- debian/changelog | 3 +++ debian/libelogind0.links | 3 +-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 572ae4b8f..9ff0bef1d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,9 @@ elogind (241.1-2~wip1) UNRELEASED; urgency=medium [ Andreas Messer ] * Retire package maintenance + [ Andreas Beckmann ] + * Simplify compat symlink setup. (Closes: #xx) + -- Andreas Messer Fri, 15 Mar 2019 18:06:50 +0100 elogind (241.1-1) unstable; urgency=medium diff --git a/debian/libelogind0.links b/debian/libelogind0.links index 47785742c..dd1a34455 100755 --- a/debian/libelogind0.links +++ b/debian/libelogind0.links @@ -1,3 +1,2 @@ #! /usr/bin/dh-exec -usr/lib/${DEB_HOST_MULTIARCH}/libelogind.so.0.25.0 lib/${DEB_HOST_MULTIARCH}/libsystemd.so.0.25.0 -lib/${DEB_HOST_MULTIARCH}/libsystemd.so.0.25.0 lib/${DEB_HOST_MULTIARCH}/libsystemd.so.0 +usr/lib/${DEB_HOST_MULTIARCH}/libelogind.so.0 usr/lib/${DEB_HOST_MULTIARCH}/libsystemd.so.0 -- 2.11.0 libelogind0_241.1-1+debian1.log.gz Description: application/gzip
Processed: block 884128 with 926589
Processing commands for cont...@bugs.debian.org: > block 884128 with 926589 Bug #884128 [src:libical] libical: don't release with buster 884128 was blocked by: 906219 906221 905697 884128 was not blocking any bugs. Added blocking bug(s) of 884128: 926589 > thanks Stopping processing here. Please contact me if you need assistance. -- 884128: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884128 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#925909: [Help] Re: pbgenomicconsensus: autopkgtest regression
Hi, On Sun, 7 Apr 2019 at 11:30, Graham Inggs wrote: > Hi Andeas > > On Sun, 7 Apr 2019 at 07:50, Andreas Tille wrote: > > I have no idea why command1 is failing. Anybody who can reproduce > > this test result and can fix this test? > > The output of command1 is the following: > > autopkgtest [15:39:43]: test command1: unset GZIP && cp -r Makefile > tests $AUTOPKGTEST_TMP && cd $AUTOPKGTEST_TMP && make tests > autopkgtest [15:39:43]: test command1: [--- > # Unit tests > # ignore tests requiring > https://github.com/PacificBiosciences/PacBioTestData which is not > packaged > set -e ; \ > TMPDIR=$(mktemp -d /tmp/test_ignore_XX) ; \ > mv tests/unit/test_tool_contract.py ${TMPDIR} ; \ > py.test --junit-xml=nosetests.xml tests/unit ; \ > rm -rf tests/unit/__pycache__ ; \ > mv ${TMPDIR}/* tests/unit ; \ > rmdir ${TMPDIR} > /bin/bash: line 3: py.test: command not found > make: *** [Makefile:12: unit-tests] Error 127 > autopkgtest [15:39:44]: test command1: ---] > autopkgtest [15:39:44]: test command1: - - - - - - - - - - results - > - - - - - - - - - > command1 FAIL non-zero exit status 2 > > I think all that is needed here is adding a test dependency on > python-pytest. See the 'available diffs' section on Steve Langasek's > upload [1]. > I have just added python-pytest and one more missing library. Now the tests should pass. With regards, Liubov
Processed (with 1 error): reassign 926589 to ftp.debian.org, severity of 926589 is normal ..., block 926589 with 926589
Processing commands for cont...@bugs.debian.org: > reassign 926589 ftp.debian.org Bug #926589 [src:libical] libical: don't release with buster Bug reassigned from package 'src:libical' to 'ftp.debian.org'. No longer marked as found in versions libical/2.0.0-1. Ignoring request to alter fixed versions of bug #926589 to the same values previously set > severity 926589 normal Bug #926589 [ftp.debian.org] libical: don't release with buster Severity set to 'normal' from 'serious' > retitle 926589 RM: libical -- RoQA, orphaned, superceeded Bug #926589 [ftp.debian.org] libical: don't release with buster Changed Bug title to 'RM: libical -- RoQA, orphaned, superceeded' from 'libical: don't release with buster'. > block 926589 with 926589 Bug #926589 [ftp.debian.org] RM: libical -- RoQA, orphaned, superceeded Failed to set blocking bugs of 926589: It is nonsensical for a bug to block itself (or a merged partner): 926589. > thanks Stopping processing here. Please contact me if you need assistance. -- 926589: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926589 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#915333: git-annex: Illegal Instruction on armel (Fujitsu Q700 like QNAP TS-21x/TS-22x)
Hey, On Mon, 11 Mar 2019 12:05:55 +0200 Adrian Bunk wrote: > On Thu, Jan 31, 2019 at 08:12:17PM +0100, Bernhard Übelacker wrote: > > Hello Everyone, > > I own a qnap ts-119pII with a similar cpu. > > > > See attached file with several debugging attempts. I took some time and wanted to reproduce and test this issue. > > If I read [1] right, then the UXTH instruction is just supported > > on ARMv6 or later. > > Looking at the code, the bug seems to be in > https://sources.debian.org/src/ghc/8.4.4+dfsg1-2/debian/patches/llvm-arm-unknown-linux-gnueabi.patch/ > > ARM1136JF-S is ARM11, which is ARMv6. > arm9e would be correct here instead of arm1136jf-s. > > Due to the static-only nature of the ghc ecosystem the fix would then > require a complete rebuild of all Haskell packages on armel, but with > the buildds otherwise mostly idle now this should be finished within > 2-3 days. First I tried to reproduce the crash on one of our porterboxes[4] `amdahl` (where I could not reproduce the bug, git-annex runs just fine), but I only much later figured out that it run armv8l: [4] https://db.debian.org/machines.cgi?host=amdahl dpat@amdahl ~ % export sessionid=913555 dpat@amdahl ~ % schroot -b -c sid_armel-dchroot -n $sessionid I: 00check: Untarring chroot environment. This might take a minute or two. I: 99porterbox-extra-sources: o To install build dependencies run I: 99porterbox-extra-sources: dd-schroot-cmd -c 915333 apt-get update I: 99porterbox-extra-sources: followed by build-dep/install as appropriate in the host system. I: 99porterbox-extra-sources: o If you started this session with schroot -b, please do not forget to run I: 99porterbox-extra-sources: schroot --end-session -c 915333 I: 99porterbox-extra-sources: when you no longer need this environment. 915333 schroot -b -c sid_armel-dchroot -n $sessionid 9.08s user 5.17s system 126% cpu 11.293 total (sid_armel-dchroot)dpat@amdahl ~ % uname -a Linux amdahl 4.9.0-8-arm64 #1 SMP Debian 4.9.144-3.1 (2019-02-19) armv8l GNU/Linux I also tried on `abel` but its a armv7l. I then wanted to setup a qemu-arm environment but I am stuck finding out which machine/cpu option would be correct. I found [1] and [2] which states that the CPU "Feroceon 88FR131 rev 1 (v5l)" is a actually a Marvell Kirkwood 88F6281. (Ok, [3] says that qnap ts-11x runs on Kirkwood system-on-chip (SoC) from Marvell). [1] https://www.chainsawonatireswing.com/2012/01/07/find-out-which-cpu-your-synology-diskstation-uses/ [2] https://www.7-cpu.com/cpu/Kirkwood.html [3] https://www.debian.org/releases/stable/armel/ch02s01.html.en (see 2.1.4) So, is it possible to emulate a armv5 and if yes, how? Thanks. Regards from the Debian BSP201904, Salzburg, - Darsha signature.asc Description: OpenPGP digital signature
Bug#924616: CVE-2018-15587
Hi, at the Salzburg BSP I was looking at this report, On Thu, 14 Mar 2019 23:18:39 +0100 Moritz Muehlenhoff wrote: > Source: evolution > Severity: grave > Tags: security > > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15587: > > https://bugzilla.gnome.org/show_bug.cgi?id=796424 > https://gitlab.gnome.org/GNOME/evolution/commit/9c55a311325f5905d8b8403b96607e46cf343f21 https://gitlab.gnome.org/GNOME/evolution/commit/f66cd3e1db301d264563b4222a3574e2e58e2b85 I was triaging into it, but unfortunatly cannot solve it... Summary: The second patch seems to be already applied, but the first one seems not to be... However, I'm not sure if it does the trick as the speciem attached to the forwarded bug shows still up as "verified"... > > Cheers, > Moritz > > >
Bug#923930: FTBFS: FAIL test_chain (exit status: 1)
Hi all, > It looks like this is fixed upstream (at least for 64-bit machines): > https://github.com/heimdal/heimdal/issues/533 If it helps, I just blindly tried applying: https://github.com/quanah/heimdal/commit/e3cd069e5c40b455541508b81ffeb0563e882aed … on top of src:heimdal 7.5.0+dfsg-2.1 (in sid) and it failed with: https://gist.githubusercontent.com/lamby/41c5d8aa85972c7c2b289296637dfa7e/raw (Uninvestigated.) Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk `-
Processed (with 5 errors): Re: libical: don't release with buster
Processing control commands: > clone -1 -2 Bug #884128 [src:libical] libical: don't release with buster Bug 884128 cloned as bug 926589 No valid blocking bug(s) given; not doing anything Failed to clone 884128: Unknown/archived blocking bug(s):906219. > retitle -2 RM: libical -- RoQA, orphaned, superceeded Failed to set the title of -2: The 'bug' parameter ("-2") to Debbugs::Control::set_title did not pass regex check . > reassign -2 ftp.debian.org Failed to clear fixed versions and reopen on -2: The 'bug' parameter ("-2") to Debbugs::Control::set_package did not pass regex check . > block -1 by -2 Failed to set blocking bugs of 884128: Invalid blocking bug(s):-2. > severity -2 normal Failed to set severity of Bug -2 to normal: The 'bug' parameter ("-2") to Debbugs::Control::set_severity did not pass regex check . -- 884128: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884128 926589: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926589 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#884128: libical: don't release with buster
Control: clone -1 -2 Control: retitle -2 RM: libical -- RoQA, orphaned, superceeded Control: reassign -2 ftp.debian.org Control: block -1 by -2 Control: severity -2 normal Hi, as dak is not so unhappy (only 3 packages on kreebsd, see below) I think we should remove it... (cloning and assigning clone to ftp.d.o) ssh mirror.ftp-master.debian.org "dak rm -Rn libical" Will remove the following packages from unstable: libical |2.0.0-4 | source libical2 |2.0.0-4 | armel, hurd-i386, kfreebsd-i386, mips, mipsel libical2 | 2.0.0-4+b1 | kfreebsd-amd64 libical2 | 2.0.0-4+b2 | amd64, arm64, armhf, i386, mips64el, ppc64el, s390x libical2-dev |2.0.0-4 | armel, hurd-i386, kfreebsd-i386, mips, mipsel libical2-dev | 2.0.0-4+b1 | kfreebsd-amd64 libical2-dev | 2.0.0-4+b2 | amd64, arm64, armhf, i386, mips64el, ppc64el, s390x Maintainer: Debian QA Group --- Reason --- -- Checking reverse dependencies... # Broken Depends: cairo-dock-plug-ins: cairo-dock-clock-plug-in [kfreebsd-amd64 kfreebsd- i386] cyrus-imapd: cyrus-caldav [kfreebsd-amd64 kfreebsd-i386] cyrus-common [kfreebsd-amd64 kfreebsd-i386] kdepimlibs: libkcal4 [kfreebsd-amd64 kfreebsd-i386] libkcalcore4 [kfreebsd-amd64 kfreebsd-i386] Dependency problem found. On Thu, 21 Mar 2019 11:30:09 +0100 "Thierry fa...@linux.ibm.com" < thie...@linux.ibm.com> wrote: > Hello, > As currently we have (for most of the platforms) > > $ apt-cache madison libical2 > libical2 | 2.0.0-4+b2 | http://ftp.fr.debian.org/debian buster/main > amd64 Packages >libical |2.0.0-4 | http://ftp.fr.debian.org/debian buster/main > Sources > > What do we do with that bug ? > Thanks > > > > On Wed, 8 Aug 2018 10:39:14 +0200 Emilio Pozuelo Monfort > wrote: > > On 08/08/18 09:33, Niels Thykier wrote: > > > Control: tags -1 moreinfo > > > > > > On Mon, 11 Dec 2017 19:43:59 +0100 Emilio Pozuelo Monfort > > > wrote: > > >> Source: libical > > >> Version: 2.0.0-1 > > >> Severity: serious > > >> > > >> Hi, > > >> > > >> We have src:libical3 now, so libical2 should be dropped before the > > >> freeze. We shouldn't need to release buster with both libical 2 and 3. > > >> Filing this bug so we don't forget about that. > > >> > > >> Emilio > > >> > > >> [...] > > > Hi Emilio, > > > > > > We are getting "close" to the transition freeze. If it is still the > > > plan to remove libical from Debian buster, please start filing bugs > > > against the (remaining) reverse dependencies and have them fixed. > > > > That's basically kdepimlibs, as cyrus-imapd is not in testing and kmymoney is > > already fixed in experimental and just needs an upload to sid. > > > > kdepimlibs may not be easy though as disabling libical will probably disable > > some libs that may be used by rdeps. Someone needs to look at that. I have just > > opened a bug for it and made it block this one. > > > > Cheers, > > Emilio > > > > > > -- > Thierry Fauck @ fr.ibm.com > > >
Bug#926587: marked as done (roundup: CVE-2019-10904)
Your message dated Sun, 07 Apr 2019 08:04:14 -0400 with message-id and subject line Re: Bug#926587: Acknowledgement (roundup: CVE-2019-10904) has caused the Debian Bug report #926587, regarding roundup: CVE-2019-10904 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 926587: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926587 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: roundup Version: 1.4.20-1.1+deb8u1 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for roundup. CVE-2019-10904[0]: | Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and | roundup/cgi/wsgi_handler.py mishandle 404 errors. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-10904 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10904 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- --- End Message --- --- Begin Message --- The Debian Bug Tracking System wrote: > Thank you for filing a new Bug report with Debian. … nd I've just noticed that src:roundup was removed since jessie, so closing this bug. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk ` End Message ---
Bug#926587: roundup: CVE-2019-10904
Package: roundup Version: 1.4.20-1.1+deb8u1 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for roundup. CVE-2019-10904[0]: | Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and | roundup/cgi/wsgi_handler.py mishandle 404 errors. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-10904 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10904 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
Bug#924123: marked as done (shishi: FTBFS with pam >= 1.3)
Your message dated Sun, 07 Apr 2019 11:48:56 + with message-id and subject line Bug#924123: fixed in shishi 1.0.2-6.2 has caused the Debian Bug report #924123, regarding shishi: FTBFS with pam >= 1.3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 924123: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924123 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:shishi Version: 1.0.2-6.1 Severity: serious Tags: ftbfs Dear maintainer: I tried to build this package in buster but it failed: [...] debian/rules build-indep test -x debian/rules mkdir -p "." CDBS WARNING:DEB_DH_STRIP_ARGS is deprecated since 0.4.85 CDBS WARNING:DEB_COMPRESS_EXCLUDE is deprecated since 0.4.85 set -e; mv ./build-aux/config.guess ./build-aux/config.guess.cdbs-orig; cp --remove-destination /usr/share/misc/config.guess ./build-aux/config.guess; set -e; mv ./build-aux/config.sub ./build-aux/config.sub.cdbs-orig; cp --remove-destination /usr/share/misc/config.sub ./build-aux/config.sub; dh_autoreconf Copying file build-aux/config.rpath Copying file m4/codeset.m4 Copying file m4/glibc2.m4 Copying file m4/glibc21.m4 Copying file m4/intdiv0.m4 Copying file m4/intl.m4 [... snipped ...] gtkdoc-mkhtml 2>&1 --help | grep >/dev/null "\-\-verbose"; \ if test "$?" = "0"; then \ if test "x" = "x1"; then \ mkhtml_options="$mkhtml_options --verbose"; \ fi; \ fi; \ gtkdoc-mkhtml 2>&1 --help | grep >/dev/null "\-\-path"; \ if test "$?" = "0"; then \ mkhtml_options="$mkhtml_options --path=\"/<>/doc/reference\""; \ fi; \ cd html && gtkdoc-mkhtml $mkhtml_options shishi ../shishi-docs.sgml gtkdoc-fixxref --module=shishi --module-dir=html --html-dir=/usr/share/gtk-doc/html Package glib-2.0 was not found in the pkg-config search path. Perhaps you should add the directory containing `glib-2.0.pc' to the PKG_CONFIG_PATH environment variable No package 'glib-2.0' found touch html-build.stamp make[4]: Leaving directory '/<>/doc/reference' make[3]: Leaving directory '/<>/doc' Making all in extra make[3]: Entering directory '/<>/extra' Making all in pam_shishi make[4]: Entering directory '/<>/extra/pam_shishi' /bin/bash ../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../.. -I../../gl -I../../lib -I../../gl -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -c -o pam_shishi.lo pam_shishi.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../.. -I../../gl -I../../lib -I../../gl -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -c pam_shishi.c -fPIC -DPIC -o .libs/pam_shishi.o pam_shishi.c: In function 'pam_sm_authenticate': pam_shishi.c:185:48: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] pam_set_data (pamh, "shishi_setcred_return", (void *) retval, NULL); ^ pam_shishi.c:127:7: warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result [-Wunused-result] asprintf ((char **) [0].msg, "Password for `%s@%s': ", ^~ shishi_principal_default (h), shishi_realm_default (h)); ~~~ libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../.. -I../../gl -I../../lib -I../../gl -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -c pam_shishi.c -o pam_shishi.o >/dev/null 2>&1 make[4]: *** [Makefile:1359: pam_shishi.lo] Error 1 make[4]: Leaving directory '/<>/extra/pam_shishi' make[3]: *** [Makefile:1272: all-recursive] Error 1 make[3]: Leaving directory '/<>/extra' make[2]: *** [Makefile:1440: all-recursive] Error 1 make[2]: Leaving directory '/<>' make[1]: *** [Makefile:1301: all] Error 2 make[1]: Leaving directory '/<>' make: *** [/usr/share/cdbs/1/class/makefile.mk:77: debian/stamp-makefile-build] Error 2 dpkg-buildpackage: error: debian/rules build-indep subprocess returned exit status 2 The build was made in my autobuilder with "dpkg-buildpackage -A" and it also fails here: https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/shishi.html where you can get a full build log if you need it. If this is really a bug in one of
Processed: severity of 926400 is grave
Processing commands for cont...@bugs.debian.org: > severity 926400 grave Bug #926400 [libaprutil1-dbd-mysql] libapr1-dbd-mysql: apache fails to start if dbd with mysql is used Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 926400: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926400 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#926584: caffe-contrib: needs new upload for leveldb transition
package: caffe-contrib severity: serious version: 1.0.0+git20180821.99bd997-2 Hi, There is an ongoing transition of leveldb to fix #83. caffe-contrib needs an upload for this transition (it is not buildable on the buildd). Thanks, Ivo
Bug#924123: shishi seems to be fixed upstream (in git)
Control: tags -1 + fixed-upstream Greetings from Gothenburg BSP. Upstream seems to have adressed this (and many other issues) in their git repository (but there hasn't been any new releases for years): http://git.savannah.gnu.org/gitweb/?p=shishi.git;a=commitdiff;h=07cd137bf79af3b9abfe08ff55c36a0c6785e733;hp=cbc4c1ca3f8af8ac80248aab5b06244d5df5fda3 Regards, Andreas Henriksson
Processed: shishi seems to be fixed upstream (in git)
Processing control commands: > tags -1 + fixed-upstream Bug #924123 [src:shishi] shishi: FTBFS with pam >= 1.3 Added tag(s) fixed-upstream. -- 924123: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924123 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#897489: python-whoosh: FTBFS: dh_auto_test: pybuild --test --test-pytest -i python{version} -p 3.6 returned exit code 13
Hi Chris, On 4/7/19 11:45 AM, Chris Lamb wrote: Hi Ivo, Fixing this bug and reuploading now... :) Thanks for the upload. However, you included the changes from -2. Could you revert the debhelper compat bump? Sure, it was already committed prior to the freeze IIRC. Uploaded as -4, including all the changes since the -1 in buster. Thanks! I added an unblock for it (so no need to file an unblock request). (For completeness, the reason why -1 did not hit the archive is due to a pristine-tar issue; I reverted and recreated the entry on the pristine-tar branch and it regenerates correctly at build time, avoiding the REJECT when the file was "different in the archive"). Ah, that explains that... Ivo
Processed: severity of 919486 is important
Processing commands for cont...@bugs.debian.org: > severity 919486 important Bug #919486 [osinfo-db] Please support Debian Buster Severity set to 'important' from 'serious' > thanks Stopping processing here. Please contact me if you need assistance. -- 919486: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919486 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#882324: amavisd-new: diff for NMU version 1:2.11.0-6.1
Tobias Frost writes: > I've prepared an NMU for amavisd-new (versioned as 1:2.11.0-6.1) and > uploaded it to DELAYED/10. Please feel free to tell me if I > should delay it longer. Thanks. This looks good to me. Feel free to upload immediately without the delay if you want. -- Brian May
Bug#926578: faudio: Incomplete debian/copyright?
Source: faudio Version: 19.02-1 Severity: serious Justication: Policy §12.5 X-Debbugs-CC: Michael Gilbert , ftpmas...@debian.org Hi, I just ACCEPTed faudio from NEW but noticed it was missing attribution in debian/copyright for at least Sean Barrett. This is in no way exhaustive so please check over the entire package carefully and address these on your next upload. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
Bug#924635: marked as done (libactivemq-java depends on the removed libspring-jms-java)
Your message dated Sun, 7 Apr 2019 12:17:36 +0200 with message-id <20190407101735.ct5b3qjwbxe2e...@debian.org> and subject line Re: Update has caused the Debian Bug report #924635, regarding libactivemq-java depends on the removed libspring-jms-java to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 924635: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924635 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libactivemq-java Version: 5.15.8-2 Severity: serious Tags: sid buster libactivemq-java depends on the removed libspring-jms-java. --- End Message --- --- Begin Message --- Hi, On Sun, Apr 07, 2019 at 07:30:09AM +0200, Dominik Stadler wrote: > Bug #925533 re-adds the messaging and jms modules in libspring, so this bug > could be merged as duplicate with that one now. The issue in libactivemq-java no longer exists. Closing this bug. Ivo--- End Message ---
Bug#900912: Enabling jaw (Java-atk-wrapper) by default ? (Bug#900912)
Hello, Matthias Klose, le sam. 06 avril 2019 15:46:21 +0200, a ecrit: > On 06.04.19 15:13, Paul Gevers wrote: > > We're late already, I would want this rather sooner than latter > > in buster, such that there is some real live testing before we release. > > Sure, there are chances for bugs, but if that's the case, let's find > > them and fix them. > > I disagree. I'll do the next upload with Samuel's proposed patches, not > enabling that by default, together with the planned security update. Then > people can start testing if the wrapper works. Well, I'm afraid that what will happen is that the people who will test will simply find out that it just works for them (just like it does already for them with openjdk-8) ; will we then conclude near the release that it should be enabled by default for Buster, and then be hit by the much wider exposition to jaw? If on the contrary we enable it by default during the freeze, we will have *way* more testing coverage, and thus be much more confident with keeping it enabled by default in Buster if we don't see bug reports. > Enabling features during the freeze which were broken most of the time > during the development cycle sounds risky. Just ftr: what was broken was the load of jaw in openjdk-11, jaw itself seems to work in openjdk-8 for people needing it. Samuel
Processed: archiving 815545
Processing commands for cont...@bugs.debian.org: > archive 815545 Bug #815545 {Done: Rene Engelhard } [src:graphite2] libgraphite2-2.0.0: Incorrect SONAME in shlibs (3 vs 2.0.0) archived 815545 to archive/45 (from 815545) > thanks Stopping processing here. Please contact me if you need assistance. -- 815545: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815545 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#897489: marked as done (python-whoosh: FTBFS due to non-deterministic behaviour in NFA.minimize)
Your message dated Sun, 07 Apr 2019 10:03:36 + with message-id and subject line Bug#897489: fixed in python-whoosh 2.7.4+git6-g9134ad92-4 has caused the Debian Bug report #897489, regarding python-whoosh: FTBFS due to non-deterministic behaviour in NFA.minimize to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 897489: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897489 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: python-whoosh Version: 2.7.4+git6-g9134ad92-1 Severity: serious Tags: buster sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20180502 qa-ftbfs Justification: FTBFS on amd64 Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > make[1]: Entering directory '/<>/python-whoosh-2.7.4+git6-g9134ad92' > dh_auto_build --buildsystem=pybuild > I: pybuild base:217: /usr/bin/python setup.py build > running build > running build_py > creating > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/highlight.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/fields.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/system.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/legacy.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/multiproc.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/writing.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/searching.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/formats.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/spelling.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/collectors.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/sorting.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/classify.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/scoring.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/columns.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/idsets.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/compat.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/__init__.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/externalsort.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/index.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > copying src/whoosh/reading.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh > creating > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/filedb > copying src/whoosh/filedb/structfile.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/filedb > copying src/whoosh/filedb/filetables.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/filedb > copying src/whoosh/filedb/filestore.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/filedb > copying src/whoosh/filedb/gae.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/filedb > copying src/whoosh/filedb/__init__.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/filedb > copying src/whoosh/filedb/compound.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/filedb > creating > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/automata > copying src/whoosh/automata/glob.py -> > /<>/python-whoosh-2.7.4+git6-g9134ad92/.pybuild/cpython2_2.7_whoosh/build/whoosh/automata > copying
Processed: found 788721 in firefox-esr/60.5.1esr-1
Processing commands for cont...@bugs.debian.org: > found 788721 firefox-esr/60.5.1esr-1 Bug #788721 [firefox-esr] firefox-esr: Some sources are missing Marked as found in versions firefox-esr/60.5.1esr-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 788721: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788721 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: severity of 815545 is serious
Processing commands for cont...@bugs.debian.org: > severity 815545 serious Bug #815545 {Done: Rene Engelhard } [src:graphite2] libgraphite2-2.0.0: Incorrect SONAME in shlibs (3 vs 2.0.0) Severity set to 'serious' from 'normal' > thanks Stopping processing here. Please contact me if you need assistance. -- 815545: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815545 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: firefox-esr: Some sources are misssing
Processing control commands: > reassign 788721 firefox-esr Bug #788721 [src:firefox-esr] [src:iceweasel] Some sources are not included in your package Bug reassigned from package 'src:firefox-esr' to 'firefox-esr'. Ignoring request to alter found versions of bug #788721 to the same values previously set Ignoring request to alter fixed versions of bug #788721 to the same values previously set > retitle 788721 firefox-esr: Some sources are missing Bug #788721 [firefox-esr] [src:iceweasel] Some sources are not included in your package Changed Bug title to 'firefox-esr: Some sources are missing' from '[src:iceweasel] Some sources are not included in your package'. -- 788721: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788721 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#788721: firefox-esr: Some sources are misssing
control: reassign 788721 firefox-esr control: retitle 788721 firefox-esr: Some sources are missing This bug affects firefox-esr in testing: At least these non-source files are still problematic: js/src/octane/typescript-input.js js/src/octane/box2d.js third_party/python/mock-1.0.0/html/_static/underscore.js third_party/python/mock-1.0.0/html/_static/jquery.js browser/components/translation/cld2/cld-worker.js browser/extensions/pocket/content/panels/js/vendor/jquery.tokeninput.min.js browser/extensions/pocket/content/panels/js/vendor/jquery-2.1.1.min.js layout/mathml/tests/stretchy-and-large-operators.js Other of the previously reported files may still be relevant as well, and possibly additional files are similarly problematic (indicated by doing a "find -name '*.min.js'" without examining further). - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: signature
Bug#924634: marked as done (libuima-as-java depends on the removed libspring-jms-java)
Your message dated Sun, 7 Apr 2019 11:52:38 +0200 with message-id <20190407095236.wivmwod6272aq...@debian.org> and subject line Re: Update has caused the Debian Bug report #924634, regarding libuima-as-java depends on the removed libspring-jms-java to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 924634: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924634 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libuima-as-java Version: 2.3.1-9 Severity: serious Tags: sid buster libuima-as-java depends on the removed libspring-jms-java in unstable. --- End Message --- --- Begin Message --- Hi, On Sun, Apr 07, 2019 at 07:29:48AM +0200, Dominik Stadler wrote: > Bug #925533 re-adds the messaging and jms modules in libspring, so this bug > could be merged as duplicate with that one now. I think it's better to close this bug, as the issue in libuima-as-java no longer exists. Thanks, Ivo--- End Message ---
Bug#897489: python-whoosh: FTBFS: dh_auto_test: pybuild --test --test-pytest -i python{version} -p 3.6 returned exit code 13
Hi Ivo, > > Fixing this bug and reuploading now... :) > > Thanks for the upload. However, you included the changes from -2. Could you > revert the debhelper compat bump? Sure, it was already committed prior to the freeze IIRC. Uploaded as -4, including all the changes since the -1 in buster. (For completeness, the reason why -1 did not hit the archive is due to a pristine-tar issue; I reverted and recreated the entry on the pristine-tar branch and it regenerates correctly at build time, avoiding the REJECT when the file was "different in the archive"). Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk `-
Bug#919571: This shouldn't need fixing: obsoleted by libical3
control: affects 926574 libical Please note that libical is superseded by libical3, and has now been requested removed from Debian - see bug#926574. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: signature
Bug#925909: [Help] Re: pbgenomicconsensus: autopkgtest regression
Hi Andeas On Sun, 7 Apr 2019 at 07:50, Andreas Tille wrote: > I have no idea why command1 is failing. Anybody who can reproduce > this test result and can fix this test? The output of command1 is the following: autopkgtest [15:39:43]: test command1: unset GZIP && cp -r Makefile tests $AUTOPKGTEST_TMP && cd $AUTOPKGTEST_TMP && make tests autopkgtest [15:39:43]: test command1: [--- # Unit tests # ignore tests requiring https://github.com/PacificBiosciences/PacBioTestData which is not packaged set -e ; \ TMPDIR=$(mktemp -d /tmp/test_ignore_XX) ; \ mv tests/unit/test_tool_contract.py ${TMPDIR} ; \ py.test --junit-xml=nosetests.xml tests/unit ; \ rm -rf tests/unit/__pycache__ ; \ mv ${TMPDIR}/* tests/unit ; \ rmdir ${TMPDIR} /bin/bash: line 3: py.test: command not found make: *** [Makefile:12: unit-tests] Error 127 autopkgtest [15:39:44]: test command1: ---] autopkgtest [15:39:44]: test command1: - - - - - - - - - - results - - - - - - - - - - command1 FAIL non-zero exit status 2 I think all that is needed here is adding a test dependency on python-pytest. See the 'available diffs' section on Steve Langasek's upload [1]. Regards Graham [1] https://launchpad.net/ubuntu/+source/pbgenomicconsensus/2.3.2-1ubuntu1
Bug#916145: closure-compiler: Not working with recent JS code
On Sat, Apr 06, 2019 at 06:13:05PM +0200, Chris Hofstaedtler wrote: > * Roland Gruber [190406 16:07]: > > the current version is so old that it got incompatible with recent JS code. > > E.g. jQuery 3.3.1 cannot be minified as the tool reports parsing errors. > > > > Please either update the tool or remove it from the archive. This is now > > 5 years in unmaintained state. > > I've checked all r-deps of closure-compiler in Debian, and they all > build -- datatables-extensions shows some errors in a prebuilt file, > but it has done so for a long time, so probably not super relevant. > > While I agree that having a 5 year old JS compiler in Debian is not Now over 6 years. > a great situation, its also not threatening to the packages in > Debian using it, so I'd suggest keeping it for now. Packages that would require a non-prehistoric version of closure-compiler are already blocked from entering Debian, see #843951 and #727529 (since 2013!) as examples. Any actual user installing closure-compiler will have a WTF experience when discovering that the new Debian release ships a version that was already outdated when the dinosaurs roamed the earth. > Adrian: you raised the severity, care to lower it until buster is > out (or say some words on why)? IMHO the release team adding a buster-ignore tag would be the best way forward here - this would still show up as RC bug for bullseye. > Cheers, > Chris (from the Salzburg BSP) cu Adrian -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed
Bug#901148: Some analysis
Having been hit by this on Buseter Testing before, I did some investigation. Here are my findings: Conditions for this bug to appear are: * timidity-daemon is installed * timidity service (from the timidity-daemon package) is enabled or timidity gets started by hand * No midi device is provided by the kernel Only if all of these these conditions are fulfilled at the same time, this comes into effect. A quick test on Stretch with the timidity service enabled did not reveal the bug. However, timidity was not running after boot, and I didn't find the reason why. After starting it by hand, pulseaudio got unusable, just like it does on Buster. So my guess is that the bug was actually present in Stretch, it just did not show due to timidity not starting properly at boot. A removal of timidity-daemon on affected systems is sufficient. It is set to "Suggests" instead of "Recommends" with timidity as of 2.14.0-8, so the majority of people who install games or music programs that pull in timidity will no longer be affected. People who will be affected are those that got timidity-daemon installed in Stretch by the "Recommends" dep, and then upgraded to Buster. Even an apt autoremove will keep timidity-daemon installed. One way to escape this bug is to have a midi device available in the system, which can also be snd_virmidi. But I don't consider this a clean solution, because it will probably interfere for people who have real midi hardware. What other options do we have? Simply keep it as-is and document it in the the upgrade manual? Or do we have some mechanism available that would remove timidity-daemon if it was installed automatically? Any other ideas?