Processed: tagging 933743
Processing commands for cont...@bugs.debian.org: > tags 933743 + upstream fixed-upstream Bug #933743 [libxslt1.1] LibXSLT in Debian stable has three unpatched security vulnerabilities Added tag(s) fixed-upstream and upstream. > thanks Stopping processing here. Please contact me if you need assistance. -- 933743: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933743 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#933655: marked as done (pychecker: Package is deprecated and will be removed - do not use)
Your message dated Sun, 04 Aug 2019 05:22:35 + with message-id and subject line Bug#932575: Removed package(s) from unstable has caused the Debian Bug report #933655, regarding pychecker: Package is deprecated and will be removed - do not use to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 933655: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933655 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: pychecker Severity: serious Justification: Policy 5.9.2 Pychecker depends on Python 2, and can't be converted to Python 3. It has also been unmaintained upstream for most of a decade. I have filed bug #932575 requesting its removal. Please do not rely on it as a runtime dependency or a build dependency. --- End Message --- --- Begin Message --- Version: 0.8.19-17+rm Dear submitter, as the package pychecker has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/932575 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---
Bug#933792: ocaml-nox/ocaml-base-nox: missing Breaks+Replaces: ocaml-base-nox/ocaml-nox (<< 4.08)
Thanks for this report. Le 03/08/2019 à 16:42, Andreas Beckmann a écrit : > Preparing to unpack .../ocaml-base-nox_4.08.0-3_amd64.deb ... > Unpacking ocaml-base-nox (4.08.0-3) over (4.05.0-11) ... > dpkg: error processing archive > /var/cache/apt/archives/ocaml-base-nox_4.08.0-3_amd64.deb (--unpack): >trying to overwrite '/usr/lib/ocaml/libasmrun_shared.so', which is also in > package ocaml-nox 4.05.0-11 OK. > dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) > Preparing to unpack .../ocaml-interp_4.08.0-3_amd64.deb ... > Unpacking ocaml-interp (4.08.0-3) over (4.05.0-11) ... > Preparing to unpack .../ocaml-compiler-libs_4.08.0-3_amd64.deb ... > Unpacking ocaml-compiler-libs (4.08.0-3) over (4.05.0-11) ... > Preparing to unpack .../ocaml-nox_4.08.0-3_amd64.deb ... > Unpacking ocaml-nox (4.08.0-3) over (4.05.0-11) ... > dpkg: error processing archive > /var/cache/apt/archives/ocaml-nox_4.08.0-3_amd64.deb (--unpack): >trying to overwrite '/usr/lib/ocaml/VERSION', which is also in package > ocaml-base-nox 4.05.0-11 No, VERSION should be in ocaml-base-nox! > dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) > Errors were encountered while processing: >/var/cache/apt/archives/ocaml-base-nox_4.08.0-3_amd64.deb >/var/cache/apt/archives/ocaml-nox_4.08.0-3_amd64.deb Cheers, -- Stéphane
Bug#932635: marked as done (iverilog ftbfs in unstable)
Your message dated Sun, 04 Aug 2019 02:44:53 + with message-id and subject line Bug#932635: fixed in iverilog 10.2-2 has caused the Debian Bug report #932635, regarding iverilog ftbfs in unstable to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 932635: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932635 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:iverilog Version: 10.2-1.1 Severity: serious Tags: sid bullseye [...] gcc -Wl,-z,relro main.o substit.o cflexor.o cfparse.o -o iverilog ../version.exe `head -1 ./iverilog.man.in`'\n' > iverilog.man tail -n +2 ./iverilog.man.in >> iverilog.man make[2]: Leaving directory '/<>/driver' make[1]: Leaving directory '/<>' dh_auto_test -a make -j1 check VERBOSE=1 make[1]: Entering directory '/<>' mv parse.cc.h parse.h 2>/dev/null || mv parse.hh parse.h mv: cannot stat 'parse.hh': No such file or directory make[1]: *** [Makefile:259: parse.h] Error 1 make[1]: Leaving directory '/<>' dh_auto_test: make -j1 check VERBOSE=1 returned exit code 2 make: *** [debian/rules:4: build-arch] Error 255 dpkg-buildpackage: error: debian/rules build-arch subprocess returned exit status 2 --- End Message --- --- Begin Message --- Source: iverilog Source-Version: 10.2-2 We believe that the bug you reported is fixed in the latest version of iverilog, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 932...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. أحمد المحمودي (Ahmed El-Mahmoudy) (supplier of updated iverilog package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 04 Aug 2019 03:47:35 +0200 Source: iverilog Binary: iverilog Architecture: source Version: 10.2-2 Distribution: unstable Urgency: medium Maintainer: Debian Electronics Team Changed-By: أحمد المحمودي (Ahmed El-Mahmoudy) Description: iverilog - Icarus verilog compiler Closes: 932635 Changes: iverilog (10.2-2) unstable; urgency=medium . * Bump to compat level 12 * no need for dh_auto_clean override * override dh_autoreconf instead of dh_auto_configure * no need for explicit build-dependency on auttools_dev * Use secure URIs for copyright format & Vcs-* fields * Remove Files-Excluded section * Update copyright years * Add bison-fix patch to fix makefile rules for header files generated by bison (Closes: #932635) * Update standards version to 4.4.0 Checksums-Sha1: a60c80ef626af643661a758ed1d98b80f41a8836 1633 iverilog_10.2-2.dsc def035393c283c94967d85968694aeb09c9bfd78 6460 iverilog_10.2-2.debian.tar.xz fcc1b121fe7b556ae5321ead0f653fd5978b3747 5702 iverilog_10.2-2_source.buildinfo Checksums-Sha256: 2015e7f22d89b89cae5417ae8964ddad4e2849cf7f1a2ca96507805245ff5e1a 1633 iverilog_10.2-2.dsc af7eacf90d5925bbe9b775bea79b503d0eb21131604455eabdbfa5664e4acd33 6460 iverilog_10.2-2.debian.tar.xz fb5b261180adb63da102b01d7350763bc4103731255172641441351f93d3bdbb 5702 iverilog_10.2-2_source.buildinfo Files: 5e3d55573abc74babc446f6e6536e7ed 1633 electronics optional iverilog_10.2-2.dsc e96b9b526dfa680d59b39b3d576c4732 6460 electronics optional iverilog_10.2-2.debian.tar.xz 41b1e369225b9b68172181c4a05e41ae 5702 electronics optional iverilog_10.2-2_source.buildinfo -BEGIN PGP SIGNATURE- iQEcBAEBCgAGBQJdRjpjAAoJELwZapTt3aG3CrYH/jr7QoRR/6V6lnTfuALd5Q/d 4VhQ4JOm+/KUpYdC2Ia5zdehDNjWxHjoAOHIszzRnYWh8oqlRGZEwxl3LfI+dPh/ 3ca5oXcQecRKcINQ6x9zqr5SiRUAd9PJZ80tldUAVns9Xap6kVFreyrDpk3UXb0j 0Jy6qDwKrjg8EFV7j5kELCGr857ORlMDBqdm4k8J/BNx76qdXLLhTriiANUehvHv YRzGszEexnysBrFBZgOKEjJ8Mohtj3INTq3qbC2y7CgHSWeBwxakJPN0S4NBDD/L Z0w+Gzk4M1UtPNMw7v56t9WxkCRGEl5YkGaYTN9NL8u8UxQ1j1MHnAVbR+3UNCI= =w6XF -END PGP SIGNATURE End Message ---
Bug#933743: LibXSLT in Debian stable has three unpatched security vulnerabilities
Hi Salvatore, On Sat, 2019 Aug 3 09:32-04:00, Salvatore Bonaccorso wrote: > > As you can see from the security-tracker btw, for all three there are > bugs filled already. So why a new bug for all three together? :) The earliest CVE is nearly four months old, and patches already exist. I filed the bug since it seems a sid/stable update has been overlooked... > Btw, they do not warrant a DSA, but LTS might not classify them > similarly as for stretch and buster, so there was a DLA because there > is no point release in LTS. The CVSS severity scores are fairly high for CVE-2019-11068... don't DSAs include less-exploitable issues than this? (I'm pretty sure a number of network-facing applications use LibXSLT) I understand that LTS may handle updates differently, but aren't these issues rather significant to defer fixes to the next point release? And even then, shouldn't at least sid have the fix already?
Bug#933822: virtualenvwrapper depends on cruft package python-stevedore
Package: virtualenvwrapper Severity: serious Version: 4.3.1-2 Tags: bullseye, sid virtualenvwapper depends on python-stevedore which is no longer built by the stevedore source package.
Processed: mopidy-scrobbler: depends on removed package
Processing commands for cont...@bugs.debian.org: > tags 933348 +bullseye,sid Bug #933348 [src:mopidy-scrobbler] mopidy-scrobbler: depends on removed package Added tag(s) bullseye and sid. > found 933348 1.2.0-1 Bug #933348 [src:mopidy-scrobbler] mopidy-scrobbler: depends on removed package Marked as found in versions mopidy-scrobbler/1.2.0-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 933348: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933348 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#933348: mopidy-scrobbler: depends on removed package
tags 933348 +bullseye,sid found 933348 1.2.0-1 thanks This bug also affects testing.
Bug#933821: python-tuskarclient (build-)depends on cruft package.
Package: python-tuskarclient Severity: serious Version: 0.1.18-1 Tags: bullseye, sid python-tuskarclient depends on the python-cliff, python-keystoneclient, python-openstackclient and python-stevedore binary packages which are no longer built by the corresponding source packages. If this is going to stay around it looks like it needs to migrate to python 3.
Processed: tagging 933674
Processing commands for cont...@bugs.debian.org: > tags 933674 + upstream Bug #933674 [pump] Buffer overflow during processing of large server replies in "pump" Added tag(s) upstream. > thanks Stopping processing here. Please contact me if you need assistance. -- 933674: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933674 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#925967: Solved
On Wed, 24 Apr 2019 14:12:51 -0300 leandroe...@gmail.com wrote: > I solved the problem by copying the file /usr/share/doc/xserver-xorg- > video-intel/xorg.conf to the directory /etc/X11/ > > Some Xorg logs: > LightDM Log: https://paste.debian.net/1079159/ > Xorg log before: https://paste.debian.net/1079164/ > Xorg Log after: https://paste.debian.net/1079167/ > > > I have the same graphics interface: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Integrated Graphics Solved this executing the code below in recovery mode: # Xorg -configure # mkdir /usr/share/X11/xorg.conf.d # cp xorg.conf.new /usr/share/X11/xorg.conf.d/xorg.conf # reboot
Bug#933811: fusiondirectory: Fusion directory install fails as imagick is not detected
Source: fusiondirectory Severity: grave Justification: renders package unusable Dear Maintainer, I installed fusiondirectory and tried to configure it through its web interface. At the third step ('Installation check'), a problem is detected with imagick support : Checking for imagick supportError Install and activate the imagick PHP module FusionDirectory will NOT run without fixing this. That renders fusiondirectory unusable to me as I do not know how to solve this. (I do not have the problem mentionned in bug #931959 as I installed php-xml manually.) imagick support is tested by fusiondirectory in /usr/share/fusiondirectory/setup/class_setupStepChecks.inc, line 137 : $R = class_exists('Imagick', FALSE); I wrote the following php code and put it in /var/www/html/atest.php : -- A simple test -- When I run it in a shell ('php7.3 /var/www/html/atest.php'), imagick is detected (output containing 'Imagick detected') whereas when I run it through apache (opening a browser on https://myservername/atest.php), it is not (web page containing 'Imagick not detected') So something must be wrong with the configuration of imagick in fusiondirectory (fusiondirectory should have enabled imagick when php is run through apache) and/or with the php-imagick package. Yours, Judicael Courant. -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (500, 'stable') Architecture: arm64 (aarch64) Kernel: Linux 4.9.93-mainline-rev1 (SMP w/6 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Possibly relevant packages: ii apache22.4.38-3 arm64Apache HTTP Server ii apache2-bin2.4.38-3 arm64Apache HTTP Server (modules and other binary files) ii apache2-data 2.4.38-3 all Apache HTTP Server (common files) ii apache2-utils 2.4.38-3 arm64Apache HTTP Server (utility programs for web servers) ii fusiondirectory1.2.3-4 all Web Based LDAP Administration Program ii fusiondirectory-schema 1.2.3-4 all LDAP schema for FusionDirectory ii fusiondirectory-smarty3-acl-render 1.2.3-4 all Provide FusionDirectory ACL based rendering for Smarty3 ii libapache2-mod-php 2:7.3+69 all server-side, HTML-embedded scripting language (Apache 2 module) (default) ii libapache2-mod-php 2:7.3+69 all server-side, HTML-embedded scripting language (Apache 2 module) (default) ii libapache2-mod-php7.3 7.3.4-2 arm64server-side, HTML-embedded scripting language (Apache 2 module) ii libapache2-mod-php7.3 7.3.4-2 arm64server-side, HTML-embedded scripting language (Apache 2 module) ii php2:7.3+69 all server-side, HTML-embedded scripting language (default) ii php7.3 7.3.4-2 all server-side, HTML-embedded scripting language (metapackage) ii php7.3-cli 7.3.4-2 arm64command-line interpreter for the PHP scripting language ii php7.3-common 7.3.4-2 arm64documentation, examples and common module for PHP ii php7.3-curl7.3.4-2 arm64CURL module for PHP ii php7.3-gd 7.3.4-2 arm64GD module for PHP ii php7.3-imap7.3.4-2 arm64IMAP module for PHP ii php7.3-json7.3.4-2 arm64JSON module for PHP ii php7.3-ldap7.3.4-2 arm64LDAP module for PHP ii php7.3-mbstring7.3.4-2 arm64MBSTRING module for PHP ii php7.3-opcache 7.3.4-2 arm64Zend OpCache module for PHP ii php7.3-readline7.3.4-2 arm64readline module for PHP
Bug#866419: marked as done (cfv: depends on obsolete python-imaging (replace with python3-pil or python-pil))
Your message dated Sat, 03 Aug 2019 19:34:32 + with message-id and subject line Bug#866419: fixed in cfv 1.18.3-2.1 has caused the Debian Bug report #866419, regarding cfv: depends on obsolete python-imaging (replace with python3-pil or python-pil) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 866419: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866419 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:cfv Version: 1.18.3-2 Severity: important Tags: sid buster User: d...@debian.org Usertags: imaging-pillow One or more binary packages built from this source depends on or recommends python-imaging, which is obsolete for some years now. Please build the source using the python-pil package. If your package doesn't need to be built with Python2, please consider using Python3 and depend on python3-pil. Planning to remove python-imaging for the buster release, so the severity of this issues might be raised. --- End Message --- --- Begin Message --- Source: cfv Source-Version: 1.18.3-2.1 We believe that the bug you reported is fixed in the latest version of cfv, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 866...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Joao Eriberto Mota Filho (supplier of updated cfv package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 24 Jul 2019 12:55:20 -0300 Source: cfv Architecture: source Version: 1.18.3-2.1 Distribution: unstable Urgency: medium Maintainer: Stefan Alfredsson Changed-By: Joao Eriberto Mota Filho Closes: 866419 Changes: cfv (1.18.3-2.1) unstable; urgency=medium . * Non-maintainer upload. * Fix a FTBFS: (Closes: #866419) - debian/control: changed from python-imaging to python-pil in Suggests field. Thanks to David Gnedt . - debian/patches/10_fix-python.patch: created to fix PIL namespace. Thanks to David Gnedt . Checksums-Sha1: 13f9ec2b77efc5c1de14017b3f7f3bb8645300ad 1692 cfv_1.18.3-2.1.dsc 1b8b61128adb3711d0bd270d019828372f655ce1 5880 cfv_1.18.3-2.1.debian.tar.xz f35c94c23d75a20871a0dfc0e74196821bb0512b 5526 cfv_1.18.3-2.1_source.buildinfo Checksums-Sha256: 82ea8258479b6ed8ad9525e05f1506d85c265a4a09e6ef6def980591891a44e7 1692 cfv_1.18.3-2.1.dsc ae839eb48510ec7ea8843a5692ccb49cbe315e03bedd7a46ed97751dcc86943d 5880 cfv_1.18.3-2.1.debian.tar.xz e1e3eb1a381f411145490f72cf510e26f85bd65834978407ef86af5ef4ce46c9 5526 cfv_1.18.3-2.1_source.buildinfo Files: 14c813eb1b50068b916d4fc44706655b 1692 utils optional cfv_1.18.3-2.1.dsc bdf1e77f9fea1fe0108fade22562673e 5880 utils optional cfv_1.18.3-2.1.debian.tar.xz 6893a97f6c5aabb3eff78d0ef6468fd4 5526 utils optional cfv_1.18.3-2.1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAl04qG0ACgkQ3mO5xwTr 6e8p8A//ZHY5l9Lj+OBTToCIQHOXt91Oi8BD94GnyE7GexWCj+TofIai1Zv2c7ib GJzcacc5tpv4yV5FSxh7pFVAYE+ZxzXut+cz51ngwalMhVjlgsIS4v5kLHxUh9Wv pYNRj0ON+SQbk6OBSokOKNFWGwPm1CuC1dqYS2sJByA+F+LCLX+oRb83Xxjzih1q 86sDpEPisAwBmopkbhfr2mVBOw+99HFiGMCRh3NnieN06J5vQCBhdpaS44STd+zP g41aYuenXn3eup5ORmRIe/H2hcBUMtm02L9TeApDQh3K+OLZstjkjrG5bQGxv+bR BDxxdsZkbDwjtawS9CzcbGACoD60fwBMZNKVFobbTcEB4eXVfWZZmsCb4Qo5IBMS ic/8u8SkmPHYHKC+oHb3Cy4i14Ry/YZRM8baArxxVr+MVnW7Etsi+Y4cOjbe4XWm 46S6B72jifq3qTuA41fFSlyTsKeXjG6RihMApcVxuoa1Afu5Zn2ucv4xlqmv8SIm nMyZCwAlNN68zOjjEvm+cPP4sQTS4feU8CxprgDwr6OuLDgN2HqJij+sHn0KTYhY 02eTdb0qtTDc11zLi8zf5eXsnNlS0UmKVmm9KG29ROw3yPBtJb+qrEr7PNiKjOWq N5id6VctigXzgF44FN4deURiq3VYKCMkMTqh13WSVLTp3Svms0k= =egJh -END PGP SIGNATURE End Message ---
Bug#931081: marked as done (libyubikey-udev: missing Breaks+Replaces: libykpers-1-1 (<< 1.19.3))
Your message dated Sat, 03 Aug 2019 19:05:49 + with message-id and subject line Bug#931081: fixed in yubikey-personalization 1.19.3-3+deb10u1 has caused the Debian Bug report #931081, regarding libyubikey-udev: missing Breaks+Replaces: libykpers-1-1 (<< 1.19.3) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 931081: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931081 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libyubikey-udev Version: 1.19.3-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'stretch'. It installed fine in 'stretch', then the upgrade to 'buster' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces >From the attached log (scroll to the bottom...): Preparing to unpack .../libyubikey-udev_1.19.3-3_all.deb ... Unpacking libyubikey-udev (1.19.3-3) ... dpkg: error processing archive /var/cache/apt/archives/libyubikey-udev_1.19.3-3_all.deb (--unpack): trying to overwrite '/lib/udev/rules.d/69-yubikey.rules', which is also in package libykpers-1-1:amd64 1.17.3-1 Errors were encountered while processing: /var/cache/apt/archives/libyubikey-udev_1.19.3-3_all.deb The version (<< 1.19.3) is based on this changelog entry in 1.19.3-1: * Replace custom udev rules with libu2f-udev. Also drop build dependency on udev cheers, Andreas libykpers-1-1=1.17.3-1_libyubikey-udev=1.19.3-3.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: yubikey-personalization Source-Version: 1.19.3-3+deb10u1 We believe that the bug you reported is fixed in the latest version of yubikey-personalization, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 931...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Nicolas Braud-Santoni (supplier of updated yubikey-personalization package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 20 Jul 2019 11:43:51 +0200 Source: yubikey-personalization Architecture: source Version: 1.19.3-3+deb10u1 Distribution: buster Urgency: medium Maintainer: Debian Authentication Maintainers Changed-By: Nicolas Braud-Santoni Closes: 931081 Changes: yubikey-personalization (1.19.3-3+deb10u1) buster; urgency=medium . * Backport security improvements from v1.20.0 * debian/control: Add missing Break+Replaces on libyubikey-udev Closes: #931081 Checksums-Sha1: 6ef5627e29f9544cc4a9454ea28f95827319035e 2570 yubikey-personalization_1.19.3-3+deb10u1.dsc a759f52bdb2b96f4ed026dab73d5d1a52a2d4c03 54452 yubikey-personalization_1.19.3-3+deb10u1.debian.tar.xz 6e6845d6db415a2efe3e4a53decb574c3a809574 7416 yubikey-personalization_1.19.3-3+deb10u1_amd64.buildinfo Checksums-Sha256: 6b568643a85962d346ff08f2cb51a4961ca384d0ea898de8e6c86ed35111aa7f 2570 yubikey-personalization_1.19.3-3+deb10u1.dsc 749b8b78d7ac98643565f02eefbb4a86a0b9d4f123d15c1a553a4e918c44d462 54452 yubikey-personalization_1.19.3-3+deb10u1.debian.tar.xz 11f2ad52c0aca4f1e232523af236db99a3933659d4b963336ed5ec5dd3979c45 7416 yubikey-personalization_1.19.3-3+deb10u1_amd64.buildinfo Files: ff3d34e06994be9e644fb77b519fd6e8 2570 utils optional yubikey-personalization_1.19.3-3+deb10u1.dsc 0b88db66015a5edf054ed1dbd6f9b972 54452 utils optional yubikey-personalization_1.19.3-3+deb10u1.debian.tar.xz 75fdb8bd529c188bcd79437bea953ed5 7416 utils optional yubikey-personalization_1.19.3-3+deb10u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEU7EqA8ZVHYoLJhPE5vmO4pLV7MsFAl1AbgIACgkQ5vmO4pLV 7MsBcg//Tui+EKsFreOjfZqF9Lf61/IPByge9qYXufrNrv0uIuOlM/9++nloWCvh zhkIwVyuT1Mb0DBqwqYtGjV9T4LP8ULlXwKvzMWsCleQeOej+kvMHlSsqMm8RZIh ZYD9lZjvBP7bYYvLUC1I3QHAQLwsv+A9lITHZkQqtH/xgQyvzs/D75hhWMFBlwGz v2yrbBZw7oE7jVPBO5qH/19UuD/cTFLNo3mdWzHax2AFKhXMdYs2l3JPEL3hwyiL t/qGcklF7XJoTRnadflfO1aS1tqOtgYBoBloKGOfjsRWKjH0FeMkD7VHTeBUf5Yk
Bug#931169: marked as done (hfst: add Breaks: libhfst45-dev for smoother upgrades from stretch)
Your message dated Sat, 03 Aug 2019 19:05:27 + with message-id and subject line Bug#931169: fixed in hfst 3.15.0-1.1~deb10u1 has caused the Debian Bug report #931169, regarding hfst: add Breaks: libhfst45-dev for smoother upgrades from stretch to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 931169: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931169 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: hfst Version: 3.15.0-1 Severity: serious Tags: patch User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to properly upgrade from stretch. In some cases the old hfst package from stretch is kept installed in order to keep the obsolete libhfst45-dev installed. apt does not upgrade from virtual packages to real packages. A better solution would have been to re-introduce a libhfst45-dev transitional package, but it's probably too late to do this in a buster point release. Adding the Breaks should be easy in a buster point release. Andreas diff -Nru hfst-3.15.0/debian/changelog hfst-3.15.0/debian/changelog --- hfst-3.15.0/debian/changelog2018-10-13 08:46:11.0 +0200 +++ hfst-3.15.0/debian/changelog2019-06-27 12:13:44.0 +0200 @@ -1,3 +1,11 @@ +hfst (3.15.0-1.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * hfst: Add Breaks: libhfst45-dev for smoother upgrades from stretch. +(Closes: #xx) + + -- Andreas Beckmann Thu, 27 Jun 2019 12:13:44 +0200 + hfst (3.15.0-1) unstable; urgency=low [ Tino Didriksen ] diff -Nru hfst-3.15.0/debian/control hfst-3.15.0/debian/control --- hfst-3.15.0/debian/control 2018-10-13 08:06:09.0 +0200 +++ hfst-3.15.0/debian/control 2019-06-27 12:13:44.0 +0200 @@ -30,6 +30,7 @@ ${misc:Depends}, ${python:Depends}, ${shlibs:Depends} +Breaks: libhfst45-dev Description: Helsinki Finite-State Transducer Technology The Helsinki Finite-State Transducer software is intended for the implementation of morphological analysers and other tools which are libhfst45-dev_None.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: hfst Source-Version: 3.15.0-1.1~deb10u1 We believe that the bug you reported is fixed in the latest version of hfst, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 931...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann (supplier of updated hfst package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 30 Jul 2019 09:27:52 +0200 Source: hfst Architecture: source Version: 3.15.0-1.1~deb10u1 Distribution: buster Urgency: medium Maintainer: Debian Science Team Changed-By: Andreas Beckmann Closes: 931169 Changes: hfst (3.15.0-1.1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster. . hfst (3.15.0-1.1) unstable; urgency=medium . * Non-maintainer upload. * hfst: Add Breaks: libhfst45-dev for smoother upgrades from stretch. (Closes: #931169) Checksums-Sha1: 801698a1a306d4831010940b53976c6bb04ebacc 2386 hfst_3.15.0-1.1~deb10u1.dsc 5d721867f4a810a9205be49546199f96e61cacc8 4832 hfst_3.15.0-1.1~deb10u1.debian.tar.xz 3c23a54c85a4d715018ec0aaa02d81afe801e1d6 6785 hfst_3.15.0-1.1~deb10u1_source.buildinfo Checksums-Sha256: 4c0eea918341edd5d0d74b9463af62458edad0c2464c122b94071fc40b778faf 2386 hfst_3.15.0-1.1~deb10u1.dsc be2a646b1775287815cb14966104875380c6ba1a4dcb4bc5d1b15fbec14ffac5 4832 hfst_3.15.0-1.1~deb10u1.debian.tar.xz 5d3ae92be7b12b8995af99ee381c1507d17b6c18a91f8174210124912e9d324d 6785 hfst_3.15.0-1.1~deb10u1_source.buildinfo Files: d6ba265ffd506c1e574301146557c0b5 2386 science optional hfst_3.15.0-1.1~deb10u1.dsc 6687613bbaac0631edbbf1fae019ba94 4832 science optional hfst_3.15.0-1.1~deb10u1.debian.tar.xz def533286288d7096c4eac1f21fc5e35 6785 science optional hfst_3.15.0-1.1~deb10u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAl1AAjIQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCF8YD/9AA05cGuvcfezbxHWmpgHR+/4gkYlOftHU
Bug#930050: marked as done (miniupnpd: CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 CVE-2019-12110 CVE-2019-12111)
Your message dated Sat, 03 Aug 2019 19:06:20 + with message-id and subject line Bug#930050: fixed in miniupnpd 1.8.20140523-4.1+deb9u2 has caused the Debian Bug report #930050, regarding miniupnpd: CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 CVE-2019-12110 CVE-2019-12111 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 930050: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: miniupnpd Version: 2.1-5 Severity: grave Tags: security upstream Justification: user security hole Control: found -1 1.8.20140523-4.1+deb9u1 Control: found -1 1.8.20140523-1 Hi, The following vulnerabilities were published for miniupnpd. CVE-2019-12107[0]: | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd | through 2.1 allows a remote attacker to leak information from the heap | due to improper validation of an snprintf return value. CVE-2019-12108[1]: | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 | exists due to a NULL pointer dereference in GetOutboundPinholeTimeout | in upnpsoap.c for int_port. CVE-2019-12109[2]: | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 | exists due to a NULL pointer dereference in GetOutboundPinholeTimeout | in upnpsoap.c for rem_port. CVE-2019-12110[3]: | An AddPortMapping Denial Of Service vulnerability in MiniUPnP | MiniUPnPd through 2.1 exists due to a NULL pointer dereference in | upnpredirect.c. CVE-2019-12111[4]: | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 | exists due to a NULL pointer dereference in copyIPv6IfDifferent in | pcpserver.c. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-12107 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12107 [1] https://security-tracker.debian.org/tracker/CVE-2019-12108 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12108 [2] https://security-tracker.debian.org/tracker/CVE-2019-12109 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12109 [3] https://security-tracker.debian.org/tracker/CVE-2019-12110 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12110 [4] https://security-tracker.debian.org/tracker/CVE-2019-12111 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12111 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: miniupnpd Source-Version: 1.8.20140523-4.1+deb9u2 We believe that the bug you reported is fixed in the latest version of miniupnpd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 930...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand (supplier of updated miniupnpd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 07 Jun 2019 09:16:03 +0200 Source: miniupnpd Binary: miniupnpd Architecture: source Version: 1.8.20140523-4.1+deb9u2 Distribution: stretch Urgency: medium Maintainer: Thomas Goirand Changed-By: Thomas Goirand Description: miniupnpd - UPnP and NAT-PMP daemon for gateway routers Closes: 930050 Changes: miniupnpd (1.8.20140523-4.1+deb9u2) stretch; urgency=medium . * Applied upstream patches for CVE-2019-12107, CVE-2019-12108, CVE-2019-12109, CVE-2019-12110. This version looks like not affected by CVE-2019-12111. (Closes: #930050). Checksums-Sha1: 7bca0a9187fc3a15cf876120fdc6e6b044dd23fa 1973 miniupnpd_1.8.20140523-4.1+deb9u2.dsc c5447ef5ac5a938305799243d222756743ad4679 19660 miniupnpd_1.8.20140523-4.1+deb9u2.debian.tar.xz ca266c8ca29195879340b9e300bb988dd6e8e36b 6347 miniupnpd_1.8.20140523-4.1+deb9u2_amd64.buildinfo Checksums-Sha256: 9ed902ef2e830dd51a5e127a2d966cd664cc3d67c3d2c0ed7c33fe82deca0e27 1973 miniupnpd_1.8.20140523-4.1+deb9u2.dsc 28ce01d21d0d3695e0730193dccba3b17c9e40630a4252fc5d405a5fee105def 19660 miniupnpd_1.8.20140523-4.1+deb9u2.debian.tar.xz
Bug#931379: marked as done (=> operator becomes = > thus creating syntax errors)
Your message dated Sat, 03 Aug 2019 19:05:28 + with message-id and subject line Bug#931379: fixed in libjavascript-beautifier-perl 0.25-1+deb10u1 has caused the Debian Bug report #931379, regarding => operator becomes = > thus creating syntax errors to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 931379: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931379 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- X-Debbugs-Cc: fayl...@gmail.com Package: libjavascript-beautifier-perl Version: 0.25-1 Severity: grave File: /usr/bin/js_beautify js_beautify changes the => operator into = > thus creating syntax errors, making one's code unusable. fetch('https://example.com/').then(resp = >resp.blob()).then(blob = >{ const url = window.URL.createObjectURL(blob); const a = document.createElement('a'); a.style.display = 'none'; a.href = url; // the filename you want a.download = 'z.html'; document.body.appendChild(a); a.click(); window.URL.revokeObjectURL(url); alert('your file has downloaded!'); }). catch(() = >alert('oh no!')); --- End Message --- --- Begin Message --- Source: libjavascript-beautifier-perl Source-Version: 0.25-1+deb10u1 We believe that the bug you reported is fixed in the latest version of libjavascript-beautifier-perl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 931...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Xavier Guimard (supplier of updated libjavascript-beautifier-perl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 03 Jul 2019 18:40:37 +0200 Source: libjavascript-beautifier-perl Architecture: source Version: 0.25-1+deb10u1 Distribution: buster Urgency: medium Maintainer: Debian Perl Group Changed-By: Xavier Guimard Closes: 931379 Changes: libjavascript-beautifier-perl (0.25-1+deb10u1) buster; urgency=medium . * Team upload * Add missing "=>" operator (ES6) (Closes: #931379) Checksums-Sha1: e3aaf422c424b93570d2ca9198dd79e06e478802 2300 libjavascript-beautifier-perl_0.25-1+deb10u1.dsc a9914e3a40a0770fcffdee61d1319a14b9f39881 4348 libjavascript-beautifier-perl_0.25-1+deb10u1.debian.tar.xz Checksums-Sha256: 411736210366a6322ce7ebeff864c72689cba7f1514a558a00943f6a3d435284 2300 libjavascript-beautifier-perl_0.25-1+deb10u1.dsc ac1a6a35d8a2a6848094547b4c7de6aefeb3ccfded92fa78907553eebff54729 4348 libjavascript-beautifier-perl_0.25-1+deb10u1.debian.tar.xz Files: ca8cda7f7127c11a82b06eb3ad0089f8 2300 perl optional libjavascript-beautifier-perl_0.25-1+deb10u1.dsc bd6403486b9a7918d5318809fd29 4348 perl optional libjavascript-beautifier-perl_0.25-1+deb10u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAl079UcACgkQ9tdMp8mZ 7umLTA/+ODf2PyOzrWukJVldzlmdzLsYXHXj8TMgFSW5b4OpKfgiqy9ZGAMSaV4P FEb7BcZGBsQWVsGIWTWa/FZF1LUbepddYXeLNf6usjyuLnN2P0hzG4HZ1p3OZs82 3dTQSobxzXlUC7DQCNnUSn4aG+1DTvtOcHdDbIwrLRSJxjkz4DOm9kQ6HTY+LzvS bYzSAk8oR7iWa+2Ct59ewUyga6SXG/QQduE7MldZASrYx3cbf5tGwVuTi+prsXH2 is9CwNT3tjiVdzmtpF0+BNHDOdunWYAx/B9N5yvOy4FY5nQ4pWBHstp46OYrYBjP UdEP5mqEARb1yoJTw49/3j8GA/10lZ6QNCg043VVC/+p8ns3+0AtYbtV7l/0IW3Q /d/aK/ADJLrDCKCafr1rGnTxEGBrkQq4PXl7fApPOXteZipovIOQNCblj71C1ytS xiFvw9R6OQtuECbSmzQ3CRci6TFp2nyMDBbJIB30HjZpW4aXDXqL174dxoX2BmhS iMW3Uco0Jw/zRUtWlUJqcuMVJIFiGv23+H1cF2Qyq5LrCzbHuyJlGacHr9LZHar8 aCuvx3HdRCYTH3TDOF4NkUamM/FZE0u5y/aTgqc3zPH3bY9pu1dKAmg+aMsgo4YZ xvTL9rcoFbzCphE+8uicCHEQixpUDP2L965XXe517u6I+T0Y5Zs= =921I -END PGP SIGNATURE End Message ---
Bug#925340: nvidia-graphics-drivers-legacy-304xx: does not support Linux 5.0 or newer
Package: nvidia-legacy-304xx-kernel-dkms Version: 304.137-7 Followup-For: Bug #925340 To whom it may concern, I patched the version in debian for post-5.0 kernels. The patch is available at http://blog.schmorp.de/data/nvidia/nvidia-legacy-304xx-304.137-linux5.patch and applies cleanly against /usr/src/nvidia-legacy-304xx-304.137 from nvidia-legacy-304xx-kernel-dkms in buster. All of the changes were due to switching to the newer ktime interface (also available in older kernels) and the fact that DRIVER_FEATURE_LEGACY is no longer a symbol but an enum. The patch is not very long or complicated, so maybe the debian maintainer, who does such a great job with this legacy package, might find it in his heart to consider applying it, although the reason I amended this ticket is for other people to find it, not to ask for this patch to be applied :) Thanks for your consideration, and may this be helpful to somebody else. -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (990, 'stable'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-debug'), (500, 'oldstable-updates'), (500, 'oldstable-debug'), (500, 'unstable'), (500, 'testing'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, x32 Kernel: Linux 5.1.21-050121-generic (SMP w/8 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages nvidia-legacy-304xx-kernel-dkms depends on: ii dkms2.6.1-4 ii nvidia-installer-cleanup20151021+9 pn nvidia-legacy-304xx-kernel-support--v1 Versions of packages nvidia-legacy-304xx-kernel-dkms recommends: pn nvidia-legacy-304xx-driver | libnvidia-legacy-304xx-cuda1 nvidia-legacy-304xx-kernel-dkms suggests no packages.
Bug#933598: marked as done (Most extensions now crash upon browser start)
Your message dated Sat, 03 Aug 2019 17:13:41 + with message-id and subject line Bug#933598: fixed in chromium 76.0.3809.87-2 has caused the Debian Bug report #933598, regarding Most extensions now crash upon browser start to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 933598: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933598 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: chromium Version: 76.0.3809.87-1 Severity: normal After upgrading Chromium from version 76.0.3809.71-1, the uMatrix extension: https://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoe started crashing on browser startup. On crash, the following balloon message is displayed: uMatrix has crashed. Click this balloon to reload the extension. As well as the following messages to stderr: [4427:4427:0731/225810.582068:ERROR:bad_message.cc(22)] Terminating extension [4427:4427:0731/225810.582202:ERROR:bad_message.cc(22)] Terminating extension [4427:4427:0731/225810.582242:ERROR:extension_function.cc(476)] Bad extension [4468:4468:0731/225810.702874:ERROR:buffer_manager.cc(488)] [.DisplayComposito Reloading the extension has the same effect. This is likely upstream bug 983675: Three Extensions Failing Without Prior Issue: https://bugs.chromium.org/p/chromium/issues/detail?id=983675 -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (800, 'testing'), (700, 'unstable'), (600, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_WARN Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages chromium depends on: ii chromium-common 76.0.3809.87-1 ii libasound2 1.1.8-1 ii libatk-bridge2.0-0 2.30.0-5 ii libatk1.0-0 2.30.0-2 ii libatomic1 9.1.0-10 ii libatspi2.0-02.30.0-7 ii libavcodec58 7:4.1.4-1 ii libavformat587:4.1.4-1 ii libavutil56 7:4.1.4-1 ii libc62.28-10 ii libcairo-gobject21.16.0-4 ii libcairo21.16.0-4 ii libcups2 2.2.10-6 ii libdbus-1-3 1.12.16-1 ii libdrm2 2.4.97-1 ii libevent-2.1-6 2.1.8-stable-4 ii libexpat12.2.7-1 ii libflac8 1.3.2-3 ii libfontconfig1 2.13.1-2 ii libfreetype6 2.9.1-4 ii libgcc1 1:9.1.0-10 ii libgdk-pixbuf2.0-0 2.38.1+dfsg-1 ii libglib2.0-0 2.58.3-3 ii libgtk-3-0 3.24.5-1 ii libharfbuzz0b2.4.0-2 ii libicu63 63.2-2 ii libjpeg62-turbo 1:1.5.2-2+b1 ii libjsoncpp1 1.7.4-3 ii liblcms2-2 2.9-3 ii libminizip1 1.1-8+b1 ii libnspr4 2:4.21-1 ii libnss3 2:3.45-1 ii libopenjp2-7 2.3.0-2 ii libopus0 1.3-1 ii libpango-1.0-0 1.42.4-6 ii libpangocairo-1.0-0 1.42.4-6 ii libpci3 1:3.6.2-2 ii libpng16-16 1.6.37-1 ii libpulse012.2-4 ii libre2-5 20190101+dfsg-2+b1 ii libsnappy1v5 1.1.7-1 ii libstdc++6 9.1.0-10 ii libvpx5 1.7.0-3 ii libwebp6 0.6.1-2 ii libwebpdemux20.6.1-2 ii libwebpmux3 0.6.1-2 ii libx11-6 2:1.6.7-1 ii libx11-xcb1 2:1.6.7-1 ii libxcb1 1.13.1-2 ii libxcomposite1 1:0.4.4-2 ii libxcursor1 1:1.2.0-2 ii libxdamage1 1:1.1.5-1 ii libxext6 2:1.3.3-1+b2 ii libxfixes3 1:5.0.3-1 ii libxi6 2:1.7.9-1 ii libxml2 2.9.4+dfsg1-7+b3 ii libxrandr2 2:1.5.1-1 ii libxrender1 1:0.9.10-1 ii libxslt1.1 1.1.32-2 ii libxss1 1:1.2.3-1 ii libxtst6 2:1.2.3-1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages chromium recommends: ii chromium-sandbox 76.0.3809.87-1 Versions of packages chromium suggests: pn chromium-driver pn chromium-l10n pn chromium-shell Versions of packages chromium-common depends on: ii x11-utils 7.7+4 ii xdg-utils 1.1.3-1 Versions of packages chromium-common recommends: ii chromium-sandbox 76.0.3809.87-1 ii fonts-liberation 1:1.07.4-10 ii libgl1-mesa-dri18.3.6-2 pn libu2f-udev pn notification-daemon pn system-config-printer pn upower Versions
Bug#933799: geary FTBFS - ERROR: Problem encountered: SQLite3 is missing FTS3 tokenizer support
Package: geary version: 3.32.0-1 Severity: serious I tried building in both buster and sid, both builds failed. Built with an uptodate chroot using sbuild. Header has symbol "SQLITE_DBCONFIG_ENABLE_FTS3_TOKENIZER" with dependency sqlite3: NO meson.build:111:2: ERROR: Problem encountered: SQLite3 is missing FTS3 tokenizer support. Please compile it with -DSQLITE_ENABLE_FTS3. See https://bugzilla.gnome.org/show_bug.cgi?id=763203 for details.
Processed: reassign 920358 to src:kopete, merging 916151 920358
Processing commands for cont...@bugs.debian.org: > reassign 920358 src:kopete Bug #920358 {Done: Hilko Bengen } [kopete] kopete: FTBFS, apparently with newer glibc Bug reassigned from package 'kopete' to 'src:kopete'. No longer marked as found in versions kopete/4:17.08.3-2. No longer marked as fixed in versions kopete/4:17.08.3-2.1. > merge 916151 920358 Bug #916151 {Done: Hilko Bengen } [src:kopete] kopete FTBFS with glibc 2.28 Bug #916151 {Done: Hilko Bengen } [src:kopete] kopete FTBFS with glibc 2.28 Added tag(s) patch. Bug #920358 {Done: Hilko Bengen } [src:kopete] kopete: FTBFS, apparently with newer glibc Marked as fixed in versions kopete/4:17.08.3-2.1. Marked as found in versions kopete/4:17.08.3-2. Added tag(s) ftbfs. Merged 916151 920358 > thanks Stopping processing here. Please contact me if you need assistance. -- 916151: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916151 920358: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920358 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#933798: libnetfilter-conntrack-dev: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE
Package: libnetfilter-conntrack-dev Version: 1.0.7-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, an upgrade test with piuparts revealed that your package installs files over existing symlinks and possibly overwrites files owned by other packages. This usually means an old version of the package shipped a symlink but that was later replaced by a real (and non-empty) directory. This kind of overwriting another package's files cannot be detected by dpkg. This was observed on the following upgrade paths: stable -> testing -> sid For /usr/share/doc/PACKAGE this may not be problematic as long as both packages are installed, ship byte-for-byte identical files and are upgraded in lockstep. But once one of the involved packages gets removed, the other one will lose its documentation files, too, including the copyright file, which is a violation of Policy 12.5: https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information For other overwritten locations anything interesting may happen. Note that dpkg intentionally does not replace directories with symlinks and vice versa, you need the maintainer scripts to do this. See in particular the end of point 4 in https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-unpack-phase-of-installation-or-upgrade It is recommended to use the dpkg-maintscript-helper commands 'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14) to perform the conversion, ideally using d/$PACKAGE.maintscript. See dpkg-maintscript-helper(1) and dh_installdeb(1) for details. >From the attached log (scroll to the bottom...): 0m55.4s ERROR: FAIL: silently overwrites files via directory symlinks: /usr/share/doc/libnetfilter-conntrack-dev/changelog.Debian.gz (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/changelog.Debian.gz (libnetfilter-conntrack3:amd64) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/copyright (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/copyright (libnetfilter-conntrack3:amd64) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-create.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-create.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-del.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-del.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-dump-labels.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-dump-labels.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-dump.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-dump.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-event.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-event.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-flush.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-flush.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-get.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-get.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-set-label.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-set-label.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfexp-mnl-dump.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfexp-mnl-dump.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 /usr/share/doc/libnetfilter-conntrack-dev/examples/nfexp-mnl-event.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfexp-mnl-event.c (?) /usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3 cheers,
Processed (with 1 error): forcibly merging 916151 920358
Processing commands for cont...@bugs.debian.org: > forcemerge 916151 920358 Bug #916151 {Done: Hilko Bengen } [src:kopete] kopete FTBFS with glibc 2.28 Unable to merge bugs because: package of #920358 is 'kopete' not 'src:kopete' Failed to forcibly merge 916151: Did not alter merged bugs. > thanks Stopping processing here. Please contact me if you need assistance. -- 916151: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916151 920358: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920358 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#933796: python3-adios: fails to upgrade from 'testing': unable to install new version of '/usr/lib/python3/dist-packages/adios_openmpi/_hl/__init__.py': No such file or directory
Package: python3-adios Version: 1.13.1-18 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'testing'. It installed fine in 'testing', then the upgrade to 'sid' fails. >From the attached log (scroll to the bottom...): Preparing to unpack .../python3-adios_1.13.1-18_amd64.deb ... Unpacking python3-adios (1.13.1-18) over (1.13.1-16) ... dpkg: error processing archive /var/cache/apt/archives/python3-adios_1.13.1-18_amd64.deb (--unpack): unable to install new version of '/usr/lib/python3/dist-packages/adios_openmpi/_hl/__init__.py': No such file or directory [Errno 2] No such file or directory: '/usr/lib/python3/dist-packages/adios_openmpi/_hl/__init__.py' [Errno 2] No such file or directory: '/usr/lib/python3/dist-packages/adios_openmpi/_hl/selections.py' dpkg: error while cleaning up: installed python3-adios package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: /var/cache/apt/archives/python3-adios_1.13.1-18_amd64.deb cheers, Andreas python3-adios_1.13.1-18.log.gz Description: application/gzip
Processed (with 1 error): severity of 920358 is serious, merging 920358 916151
Processing commands for cont...@bugs.debian.org: > severity 920358 serious Bug #920358 {Done: Hilko Bengen } [kopete] kopete: FTBFS, apparently with newer glibc Severity set to 'serious' from 'normal' > merge 920358 916151 Bug #920358 {Done: Hilko Bengen } [kopete] kopete: FTBFS, apparently with newer glibc Unable to merge bugs because: package of #916151 is 'src:kopete' not 'kopete' Failed to merge 920358: Did not alter merged bugs. > thanks Stopping processing here. Please contact me if you need assistance. -- 916151: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916151 920358: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920358 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: ocaml-nox/ocaml-base-nox: missing Breaks+Replaces: ocaml-base-nox/ocaml-nox (<< 4.08)
Processing control commands: > affects -1 + ocaml-compiler-libs Bug #933792 [ocaml-nox,ocaml-base-nox] ocaml-nox/ocaml-base-nox: missing Breaks+Replaces: ocaml-base-nox/ocaml-nox (<< 4.08) Added indication that 933792 affects ocaml-compiler-libs -- 933792: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933792 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#933792: ocaml-nox/ocaml-base-nox: missing Breaks+Replaces: ocaml-base-nox/ocaml-nox (<< 4.08)
Package: ocaml-nox,ocaml-base-nox Version: 4.08.0-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Control: affects -1 + ocaml-compiler-libs Hi, during a test with piuparts I noticed your package fails to upgrade from 'sid' to 'experimental'. It installed fine in 'sid', then the upgrade to 'experimental' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces >From the attached log (scroll to the bottom...): Preparing to unpack .../ocaml-base-nox_4.08.0-3_amd64.deb ... Unpacking ocaml-base-nox (4.08.0-3) over (4.05.0-11) ... dpkg: error processing archive /var/cache/apt/archives/ocaml-base-nox_4.08.0-3_amd64.deb (--unpack): trying to overwrite '/usr/lib/ocaml/libasmrun_shared.so', which is also in package ocaml-nox 4.05.0-11 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Preparing to unpack .../ocaml-interp_4.08.0-3_amd64.deb ... Unpacking ocaml-interp (4.08.0-3) over (4.05.0-11) ... Preparing to unpack .../ocaml-compiler-libs_4.08.0-3_amd64.deb ... Unpacking ocaml-compiler-libs (4.08.0-3) over (4.05.0-11) ... Preparing to unpack .../ocaml-nox_4.08.0-3_amd64.deb ... Unpacking ocaml-nox (4.08.0-3) over (4.05.0-11) ... dpkg: error processing archive /var/cache/apt/archives/ocaml-nox_4.08.0-3_amd64.deb (--unpack): trying to overwrite '/usr/lib/ocaml/VERSION', which is also in package ocaml-base-nox 4.05.0-11 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Errors were encountered while processing: /var/cache/apt/archives/ocaml-base-nox_4.08.0-3_amd64.deb /var/cache/apt/archives/ocaml-nox_4.08.0-3_amd64.deb cheers, Andreas ocaml-compiler-libs_4.08.0-3.log.gz Description: application/gzip
Bug#933785: gitlab: CVE-2019-5470 CVE-2019-5469 CVE-2019-5468 CVE-2019-5466 CVE-2019-5465 CVE-2019-5464 CVE-2019-5463 CVE-2019-5462 CVE-2019-5461
Source: gitlab Version: 11.8.10+dfsg-1 Severity: grave Tags: security upstream Justification: user security hole Hi, The following vulnerabilities were published for gitlab, see [9]. CVE-2019-5470[0]: Information Disclosure Vulnerability Feedback CVE-2019-5469[1]: Arbitrary File Upload via Import Project Archive CVE-2019-5468[2]: User Revokation Bypass with Mattermost Integration CVE-2019-5466[3]: IDOR Label Name Enumeration CVE-2019-5465[4]: Information Disclosure New Issue ID CVE-2019-5464[5]: SSRF Mitigation Bypass CVE-2019-5463[6]: Build Status Disclosure CVE-2019-5462[7]: Trigger Token Impersonation CVE-2019-5461[8]: GitHub Integration SSRF If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-5470 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5470 [1] https://security-tracker.debian.org/tracker/CVE-2019-5469 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5469 [2] https://security-tracker.debian.org/tracker/CVE-2019-5468 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5468 [3] https://security-tracker.debian.org/tracker/CVE-2019-5466 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5466 [4] https://security-tracker.debian.org/tracker/CVE-2019-5465 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5465 [5] https://security-tracker.debian.org/tracker/CVE-2019-5464 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5464 [6] https://security-tracker.debian.org/tracker/CVE-2019-5463 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5463 [7] https://security-tracker.debian.org/tracker/CVE-2019-5462 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5462 [8] https://security-tracker.debian.org/tracker/CVE-2019-5461 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5461 [9] https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/ Please adjust the affected versions in the BTS as needed. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#933784: redmine: fails to install: Could not find gem 'rouge (~> 3.3.0)'
Package: redmine Version: 4.0.1-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. >From the attached log (scroll to the bottom...): Setting up redmine (4.0.1-2) ... [ESC][31mCould not find gem 'rouge (~> 3.3.0)' in any of the gem sources listed in your Gemfile.[ESC][0m dpkg: error processing package redmine (--configure): installed redmine package post-installation script subprocess returned error exit status 1 dpkg: dependency problems prevent configuration of redmine-plugin-custom-css: redmine-plugin-custom-css depends on redmine (>= 2.3.1~); however: Package redmine is not configured yet. dpkg: error processing package redmine-plugin-custom-css (--configure): dependency problems - leaving unconfigured Processing triggers for libc-bin (2.28-10) ... Processing triggers for ca-certificates (20190110) ... Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d... done. Errors were encountered while processing: redmine redmine-plugin-custom-css cheers, Andreas redmine-plugin-custom-css_0.1.6+dfsg-1.log.gz Description: application/gzip
Bug#933743: LibXSLT in Debian stable has three unpatched security vulnerabilities
Hi, On Fri, Aug 02, 2019 at 03:30:41PM -0400, Daniel Richard G. wrote: > Package: libxslt1.1 > Version: 1.1.32-2 > Severity: grave > > The upstream version of LibXSLT shipped in Debian stable (1.1.32) has > the following three CVEs reported against it: > > https://nvd.nist.gov/vuln/detail/CVE-2019-11068 > https://nvd.nist.gov/vuln/detail/CVE-2019-13117 > https://nvd.nist.gov/vuln/detail/CVE-2019-13118 > > Debian has taken notice of these, but has only patched them in jessie > (a.k.a. oldoldstable): > > https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html > https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html > > The current jessie package version of LibXSLT (1.1.28-2+deb8u5) contains > the following patch files: > > CVE-2019-11068.patch > CVE-2019-13117.patch > CVE-2019-13118.patch > > These are not present in 1.1.32-2, and so these vulnerabilities appear > to be exploitable in Debian stable, testing, and sid. As you can see from the security-tracker btw, for all three there are bugs filled already. So why a new bug for all three togheter? :) Btw, they do not warrant a DSA, but LTS might not classify them similarly as for stretch and buster, so there was a DLA because there is no point release in LTS. Regards, Salvatore
Bug#933781: python3-django-pagination: fails to install: SyntaxError: invalid syntax
Package: python3-django-pagination Version: 1.0.7-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. >From the attached log (scroll to the bottom...): Setting up python3-django-pagination (1.0.7-3) ... File "/usr/lib/python3/dist-packages/pagination/templatetags/pagination_tags.py", line 225 except KeyError, AttributeError: ^ SyntaxError: invalid syntax dpkg: error processing package python3-django-pagination (--configure): installed python3-django-pagination package post-installation script subprocess returned error exit status 1 Processing triggers for libc-bin (2.28-10) ... Errors were encountered while processing: python3-django-pagination cheers, Andreas python3-django-pagination_1.0.7-3.log.gz Description: application/gzip
Bug#931777: cinnamon-settings does not start due incompatibility with python3-pil >= 6.0
Package: cinnamon Version: 3.8.8-1 Followup-For: Bug #931777 I confirm the problem. Workaround fixed it, the file that shall be modified is /usr/share/cinnamon/cinnamon-settings/bin/imtools.py. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.2.0-4.4-liquorix-amd64 (SMP w/4 CPU cores; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages cinnamon depends on: ii cinnamon-common 3.8.8-1 ii cinnamon-control-center 3.8.1-1 ii cinnamon-desktop-data3.8.1-2 ii cinnamon-screensaver 3.8.2-1 ii cinnamon-session 3.8.2-1 ii cinnamon-settings-daemon 3.8.4-2 ii cjs 3.8.0-5+b1 ii cups-pk-helper 0.2.6-1+b1 ii dconf-gsettings-backend [gsettings-backend] 0.30.1-2 ii gir1.2-accountsservice-1.0 0.6.45-2 ii gir1.2-caribou-1.0 0.4.21-7 ii gir1.2-clutter-1.0 1.26.2+dfsg-10 ii gir1.2-cmenu-3.0 3.8.2-1 ii gir1.2-cogl-1.0 1.22.2-6 ii gir1.2-cvc-1.0 3.8.1-2 ii gir1.2-gdkpixbuf-2.0 2.38.1+dfsg-1 ii gir1.2-gkbd-3.0 3.26.1-1 ii gir1.2-glib-2.0 1.58.3-2 ii gir1.2-gnomedesktop-3.0 3.30.2.1-2 ii gir1.2-gtk-3.0 3.24.10-1 ii gir1.2-gtkclutter-1.01.8.4-4 ii gir1.2-keybinder-3.0 0.3.2-1 ii gir1.2-meta-muffin-0.0 3.8.2-1 ii gir1.2-nm-1.01.19.90-2 ii gir1.2-nma-1.0 1.8.22-2 ii gir1.2-notify-0.70.7.7-4 ii gir1.2-pango-1.0 1.42.4-6 ii gir1.2-polkit-1.00.105-25 ii gir1.2-soup-2.4 2.64.2-2 ii gir1.2-upowerglib-1.00.99.10-1 ii gir1.2-xapp-1.0 1.2.2-1 ii gkbd-capplet 3.26.1-1 ii gnome-backgrounds3.30.0-1 ii gnome-themes-extra 3.28-1 ii gsettings-desktop-schemas3.28.1-1 ii iso-flags-png-320x2401.0.2-1 ii libatk-bridge2.0-0 2.32.0-2 ii libatk1.0-0 2.32.0-2 ii libc62.28-10 ii libcairo21.16.0-4 ii libcinnamon-desktop4 3.8.1-2 ii libcinnamon-menu-3-0 3.8.2-1 ii libcjs0 3.8.0-5+b1 ii libclutter-1.0-0 1.26.2+dfsg-10 ii libcogl-pango20 1.22.2-6 ii libcogl-path20 1.22.2-6 ii libcogl201.22.2-6 ii libcroco30.6.12-3 ii libgdk-pixbuf2.0-0 2.38.1+dfsg-1 ii libgirepository-1.0-11.58.3-2 ii libgl1 1.1.0-1 ii libglib2.0-0 2.60.6-1 ii libglib2.0-bin 2.60.6-1 ii libgstreamer1.0-01.16.0-2 ii libgtk-3-0 3.24.10-1 ii libmuffin0 3.8.2-1 ii libpango-1.0-0 1.42.4-6 ii libpangocairo-1.0-0 1.42.4-6 ii libstartup-notification0 0.12-6 ii libx11-6 2:1.6.7-1 ii libxfixes3 1:5.0.3-1 ii libxml2 2.9.4+dfsg1-7+b3 ii mesa-utils 8.4.0-1+b1 ii muffin 3.8.2-1 ii nemo 3.8.5-1+b1 ii network-manager-gnome1.8.22-2 ii policykit-1-gnome0.105-7 ii python3 3.7.3-1 ii python3-dbus 1.2.8-3 ii python3-gi 3.30.4-1 ii python3-gi-cairo 3.30.4-1 ii python3-pampy1.8.4-1 ii python3-pexpect 4.6.0-1 ii python3-pil
Processed: Re: [DRE-maint] Bug#933066: Bug#933066: ruby-gnome2: autopkgtest regression with GLib 2.60.x: format_size now uses non-breaking space
Processing commands for cont...@bugs.debian.org: > fixed 933066 3.3.5-1 Bug #933066 {Done: d...@debian.org} [src:ruby-gnome2] ruby-gnome2: autopkgtest regression with GLib 2.60.x: format_size now uses non-breaking space Marked as fixed in versions ruby-gnome2/3.3.5-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 933066: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933066 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tagging 933743, found 933758 in 0.2.7-2, tagging 933758, found 933755 in 0.2.7-2, tagging 933755
Processing commands for cont...@bugs.debian.org: > tags 933743 + security Bug #933743 [libxslt1.1] LibXSLT in Debian stable has three unpatched security vulnerabilities Added tag(s) security. > found 933758 0.2.7-2 Bug #933758 {Done: prono...@debian.org (Kenneth J. Pronovici)} [moap] moap: Pychecker will be removed Marked as found in versions moap/0.2.7-2. > tags 933758 + sid bullseye Bug #933758 {Done: prono...@debian.org (Kenneth J. Pronovici)} [moap] moap: Pychecker will be removed Added tag(s) sid and bullseye. > found 933755 0.2.7-2 Bug #933755 {Done: prono...@debian.org (Kenneth J. Pronovici)} [moap] moap: Epydoc will be removed Marked as found in versions moap/0.2.7-2. > tags 933755 + sid bullseye Bug #933755 {Done: prono...@debian.org (Kenneth J. Pronovici)} [moap] moap: Epydoc will be removed Added tag(s) sid and bullseye. > thanks Stopping processing here. Please contact me if you need assistance. -- 933743: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933743 933755: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933755 933758: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933758 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#928727: marked as done (FTBFS: ImportError: No module named twisted.python.failure)
Your message dated Sat, 03 Aug 2019 10:19:52 + with message-id and subject line Bug#928727: fixed in python-tblib 1.4.0-2 has caused the Debian Bug report #928727, regarding FTBFS: ImportError: No module named twisted.python.failure to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 928727: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928727 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: python-tblib Version: 1.4.0-1 Severity: serious Tags: ftbfs Dear Maintainer, python-tblib currently fails to build from source with the following error message: ERRORS ___ ERROR collecting .pybuild/cpython2_2.7_tblib/build/tests/test_issue30.py ___ tests/test_issue30.py:5: in from twisted.python.failure import Failure E ImportError: No module named twisted.python.failure ___ ERROR collecting .pybuild/cpython2_2.7_tblib/build/tests/test_issue30.py ___ ImportError while importing test module '/build/1st/python-tblib-1.4.0/.pybuild/cpython2_2.7_tblib/build/tests/test_issue30.py'. Hint: make sure your test modules/packages have valid Python names. Traceback: /usr/lib/python2.7/dist-packages/_pytest/python.py:450: in _importtestmodule mod = self.fspath.pyimport(ensuresyspath=importmode) /usr/lib/python2.7/dist-packages/py/_path/local.py:668: in pyimport __import__(modname) /usr/lib/python2.7/dist-packages/_pytest/assertion/rewrite.py:294: in load_module six.exec_(co, mod.__dict__) /usr/lib/python2.7/dist-packages/six.py:709: in exec_ exec("""exec _code_ in _globs_, _locs_""") :1: in ??? tests/test_issue30.py:5: in from twisted.python.failure import Failure E ImportError: No module named twisted.python.failure (see https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/python-tblib.html for more details) I got the same error message when attempting to build it on my Sid system. -- System Information: Debian Release: 10.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -- mvh / best regards Hans Joachim Desserud http://desserud.org --- End Message --- --- Begin Message --- Source: python-tblib Source-Version: 1.4.0-2 We believe that the bug you reported is fixed in the latest version of python-tblib, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 928...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Colin Watson (supplier of updated python-tblib package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 03 Aug 2019 11:00:35 +0100 Source: python-tblib Architecture: source Version: 1.4.0-2 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules Team Changed-By: Colin Watson Closes: 928727 Changes: python-tblib (1.4.0-2) unstable; urgency=medium . [ Ondřej Nový ] * Use debhelper-compat instead of debian/compat. . [ Colin Watson ] * Build-depend on python*-twisted for the test suite (closes: #928727). * Drop Python 2 support. Checksums-Sha1: fc7aafe8098a0276b6e8e5804b0b0cd04f01b77a 2212 python-tblib_1.4.0-2.dsc 4fd3cdb5b78861318207538780e84cd38c217f4e 2908 python-tblib_1.4.0-2.debian.tar.xz Checksums-Sha256: da886d43151576f6971dd0e14afc7bc1bdb5b76484724b2e9e4c0285d0c3ce97 2212 python-tblib_1.4.0-2.dsc a4a549c47618747b8c23d6891f268f823d1a94b0ef434540b92056f768e011e2 2908 python-tblib_1.4.0-2.debian.tar.xz Files: a46ce0afc06f79fd83202adb5ab0cc3b 2212 python optional python-tblib_1.4.0-2.dsc 0e8f891805c770e024a9540730d0daa8 2908 python optional python-tblib_1.4.0-2.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAl1FW7IACgkQOTWH2X2G UAv87g/7Be1Q3dDhXn6e6sOS8rRqXDBqiIncPUc/fLKDcDMr0UG+W9Jvbi2lDG1s P/iMw6tNr4Kpx1Fwf5g/p7heEy5VKlDYcGT6MU0uHEdwzdwn2OpDRv12/yDlyyJQ
Bug#928727: marked as pending in python-tblib
Control: tag -1 pending Hello, Bug #928727 in python-tblib reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/modules/python-tblib/commit/f153e2cd18054a579ca9d4ff38050c10063cd7fd Build-depend on python*-twisted for the test suite Closes: #928727 (this message was generated automatically) -- Greetings https://bugs.debian.org/928727
Processed: Bug#928727 marked as pending in python-tblib
Processing control commands: > tag -1 pending Bug #928727 [src:python-tblib] FTBFS: ImportError: No module named twisted.python.failure Added tag(s) pending. -- 928727: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928727 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#933066: marked as done (ruby-gnome2: autopkgtest regression with GLib 2.60.x: format_size now uses non-breaking space)
Your message dated Sat, 3 Aug 2019 14:54:12 +0900 with message-id <20190803055412.ga26...@lilith.infoblue.home> and subject line Re: [DRE-maint] Bug#933066: Bug#933066: ruby-gnome2: autopkgtest regression with GLib 2.60.x: format_size now uses non-breaking space has caused the Debian Bug report #933066, regarding ruby-gnome2: autopkgtest regression with GLib 2.60.x: format_size now uses non-breaking space to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 933066: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933066 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ruby-gnome2 Version: 3.3.2-1 Severity: serious Justification: https://lists.debian.org/debian-devel-announce/2019/07/msg2.html Tags: upstream fixed-upstream patch Forwarded: https://github.com/ruby-gnome2/ruby-gnome2/commit/ac9762af255f276800e0863d1dd07ab9dd653d1b User: debian...@lists.debian.org Usertags: regression X-Debbugs-CC: debian...@lists.debian.org ruby-gnome2's autopkgtest fails when run against GLib 2.60.x from unstable, with 7 failures all similar to this: Failure: test_gb(TestGLibFileUtils::#format_size) /tmp/autopkgtest-lxc.6g_rx45a/downtmp/build.TEl/src/glib2/test/test-file-utils.rb:61:in `test_gb' 58: end 59: 60: def test_gb => 61: assert_equal("1.0 GB", GLib.format_size(1000 * 1000 * 1000)) 62: end 63: 64: def test_over_guint32_value <"1.0 GB"> expected but was <"1.0 GB"> I think the difference here is that the expected result has a space but the actual result has a UTF-8 non-breaking space (U+00A0 NO-BREAK SPACE) as a result of https://gitlab.gnome.org/GNOME/glib/issues/1625 having been fixed. This is a bit more obvious in the Python bindings: $ python3 >>> from gi.repository import GLib >>> GLib.format_size(1000*1000*1000) '1.0\xa0GB' This appears to have been fixed upstream in https://github.com/ruby-gnome2/ruby-gnome2/commit/ac9762af255f276800e0863d1dd07ab9dd653d1b (but note that I haven't tested that patch myself). Please consider applying it. Thanks, smcv --- End Message --- --- Begin Message --- Control: tags -1 - pending Control: fixed -1 ruby-gnome2/3.3.5-1 ruby-gnome2 3.3.6-2 will migrate to testing. -- Regards, dai GPG Fingerprint = 0B29 D88E 42E6 B765 B8D8 EA50 7839 619D D439 668E signature.asc Description: PGP signature --- End Message ---