Bug#951722: autopkgtest suite flaky on arm64
On Sun, May 10, 2020 at 11:06:26PM +0200, Michael Biebl wrote: > > +echo "Waiting for the service to be available" > > +c=0 > > +while ! nc -z -U /var/run/dovecot/auth-userdb; do > > + c=$(($c+1)) > > + sleep 2 > > + if [ $c -gt 30 ]; then > > + echo "Timed out waiting for the service to be available" >&2 > > + exit 1 > > + fi > > +done > > Looping until the service is ready appears to be a workaround/hack at > best imho. I agree, however... > The dovecot service should only signal its readiness when the > communication sockets are ready yet to accept connections. I.e. this > autopkgtest appears to point at a real issue that should be fixed properly. I do not believe that this is an RC issue. In order to address the stale upstream version and pending security updates in sid, and allow the package to again enter bullseye, I propose the following: I will upload a new upstream version to sid containing the workaround for the test failures. I will leave this bug open, but will reduce the severity to 'normal'. In a subsequent upload, I will apply a patch to implement sd_notify and will resolve the bug. Please feel free to send a patch if you don't want to wait however long it'll take for me to get around to putting one together. Dovecot has been essentially unmaintained in Debian since August 2019, and there's quite a backlog of work to do. I'm going to work on getting it back into shape, but it will be a little while before it's where it should be. It won't happen all at once. noah
Processed: out-of-sync bugs are already fixed in unstable by default, so can be closed
Processing commands for cont...@bugs.debian.org: > # All these bugs are already marked fixed in the version in unstable and > # there isn't an out-of-sync anymore, so can be closed > close 953692 Bug #953692 [src:emacs] src:emacs: fails to migrate to testing for too long Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 953692: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953692 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961253: libmecab-perl: Can't load Perl module
Package: libmecab-perl Version: 0.996-12 Severity: grave Dear Maintainer, I can't load and use mecab perl module. I use the simlest perl script. % cat /tmp/mecab.pl #!/usr/bin/perl -w use MeCab; But, I fail to run this script. % /tmp/mecab.pl Can't load '/usr/lib/x86_64-linux-gnu/perl5/5.30/auto/MeCab/MeCab.so' for module MeCab: /usr/lib/x86_64-linux-gnu/perl5/5.30/auto/MeCab/MeCab.so: undefined symbol: _ZN5MeCab6Tagger6createEiPPc at /usr/lib/x86_64-linux-gnu/perl/5.30/DynaLoader.pm line 193. at /usr/lib/x86_64-linux-gnu/perl5/5.30/MeCab.pm line 11. Compilation failed in require at /tmp/mecab.pl line 3. BEGIN failed--compilation aborted at /tmp/mecab.pl line 3. After downgrading libmecab-perl to 0.99.6-2+b4 (got from snapshot.debian.org), it's working fine. Thanks. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.2.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), LANGUAGE=ja_JP.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libmecab-perl depends on: ii libc6 2.30-8 ii libgcc-s1 [libgcc1] 10.1.0-1 ii libgcc1 1:10.1.0-1 ii libmecab2 0.996-12 ii libstdc++6 10.1.0-1 ii perl5.30.2-1 ii perl-base [perlapi-5.30.0] 5.30.2-1 libmecab-perl recommends no packages. libmecab-perl suggests no packages. -- no debconf information OHURA Makoto: oh...@debian.org(Debian Project) oh...@netfort.gr.jp(LILO/Netfort) pgpyNKBxQN3Hq.pgp Description: OpenPGP Digital Signature
Processed: fixed 960963 in 1:2.3.4.1-5+deb10u2
Processing commands for cont...@bugs.debian.org: > fixed 960963 1:2.3.4.1-5+deb10u2 Bug #960963 [src:dovecot] dovecot: CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 Marked as fixed in versions dovecot/1:2.3.4.1-5+deb10u2. > thanks Stopping processing here. Please contact me if you need assistance. -- 960963: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960963 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#960963: status?
On Wed, May 20, 2020 at 12:55:08PM +0200, Tomas Pospisek wrote: > What's the status of this problem? Is anybody working on dovecot to have > this fixed in Debian stable? It was fixed with DSA 4690: https://www.debian.org/security/2020/dsa-4690
Bug#960892: another fix
Hi Martin. Martin Quinson wrote: > I gave another try to this fix, and the current git version of po4a > manages to build aptitude even with the recent patch removed. > > Could you please give it a try, just to ensure that I didn't mess up > my verification? Can confirm. Thanks for caring! Regards, Axel -- ,''`. | Axel Beckert , https://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
Bug#961216: inkscape: symbol resolution problem
However this somehow fixed the problem? $ sudo apt-get build-dep inkscape Reading package lists... Done Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: gir1.2-gdl-3 gir1.2-gtkspell3-3.0 googletest libaspell-dev libatkmm-1.6-dev libcairomm-1.0-dev libcdr-dev libdbus-glib-1-dev libdbus-glib-1-dev-bin libdjvulibre-dev libdouble-conversion-dev libenchant-2-dev libgc-dev libgdl-3-dev libglibmm-2.4-dev libgmock-dev libgsl-dev libgtest-dev libgtkmm-3.0-dev libgtkspell3-3-dev libjemalloc-dev libjemalloc2 liblcms2-dev liblqr-1-0-dev libmagick++-6-headers libmagick++-6.q16-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-dev libmagickwand-6-headers libmagickwand-6.q16-dev libopenjp2-7-dev libpangomm-1.4-dev libpoppler-private-dev libpotrace-dev librevenge-dev librsvg2-dev libsigc++-2.0-dev libvisio-dev libwmf-dev libwpd-dev libwpg-dev libxslt1-dev The following packages will be upgraded: debhelper dh-python gir1.2-rsvg-2.0 libatkmm-1.6-1v5 libcairomm-1.0-1v5 libcdr-0.1-1 libdbus-glib-1-2 libdebhelper-perl libdouble-conversion3 libenchant-2-2 libglibmm-2.4-1v5 libgtkspell3-3-0 liblcms2-2 liblqr-1-0 libmagick++-6.q16-8 libmagickcore-6.q16-6 libmagickcore-6.q16-6-extra libmagickwand-6.q16-6 libpangomm-1.4-1v5 libpotrace0 librevenge-0.0-0 libsigc++-2.0-0v5 libvisio-0.1-1 libwmf0.2-7 libwpd-0.10-10 libwpg-0.3-3 libxslt1.1 27 upgraded, 44 newly installed, 0 to remove and 2032 not upgraded. Need to get 29.5 MB of archives. After this operation, 83.3 MB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 http://ftp.au.debian.org/debian sid/main amd64 libmagickcore-6-headers all 8:6.9.10.23+dfsg-2.1 [49.2 kB] Get:2 http://ftp.au.debian.org/debian sid/main amd64 libmagickwand-6-headers all 8:6.9.10.23+dfsg-2.1 [10.5 kB] Get:3 http://ftp.au.debian.org/debian sid/main amd64 libmagick++-6-headers all 8:6.9.10.23+dfsg-2.1 [47.5 kB] Get:4 http://ftp.au.debian.org/debian sid/main amd64 liblcms2-2 amd64 2.9-4+b1 [146 kB] Get:5 http://ftp.au.debian.org/debian sid/main amd64 liblqr-1-0 amd64 0.4.2-2.1 [29.1 kB] Get:6 http://ftp.au.debian.org/debian sid/main amd64 libmagickcore-6.q16-6 amd64 8:6.9.10.23+dfsg-2.1+b2 [1,787 kB] Get:7 http://ftp.au.debian.org/debian sid/main amd64 libmagickwand-6.q16-6 amd64 8:6.9.10.23+dfsg-2.1+b2 [446 kB] Get:8 http://ftp.au.debian.org/debian sid/main amd64 libmagick++-6.q16-8 amd64 8:6.9.10.23+dfsg-2.1+b2 [278 kB] Get:9 http://ftp.au.debian.org/debian sid/main amd64 libmagickcore-6-arch-config amd64 8:6.9.10.23+dfsg-2.1+b2 [164 kB] Get:10 http://ftp.au.debian.org/debian sid/main amd64 libwmf0.2-7 amd64 0.2.8.4-17 [165 kB] Get:11 http://ftp.au.debian.org/debian sid/main amd64 libmagickcore-6.q16-6-extra amd64 8:6.9.10.23+dfsg-2.1+b2 [206 kB] Get:12 http://ftp.au.debian.org/debian sid/main amd64 libdjvulibre-dev amd64 3.5.27.1-14 [2,398 kB] Get:13 http://ftp.au.debian.org/debian sid/main amd64 libopenjp2-7-dev amd64 2.3.1-1 [46.7 kB] Get:14 http://ftp.au.debian.org/debian sid/main amd64 liblcms2-dev amd64 2.9-4+b1 [9,103 kB] Get:15 http://ftp.au.debian.org/debian sid/main amd64 liblqr-1-0-dev amd64 0.4.2-2.1 [72.2 kB] Get:16 http://ftp.au.debian.org/debian sid/main amd64 gir1.2-rsvg-2.0 amd64 2.48.4+dfsg-1 [23.9 kB] Get:17 http://ftp.au.debian.org/debian sid/main amd64 librsvg2-dev amd64 2.48.4+dfsg-1 [50.1 kB] Get:18 http://ftp.au.debian.org/debian sid/main amd64 libwmf-dev amd64 0.2.8.4-17 [190 kB] Get:19 http://ftp.au.debian.org/debian sid/main amd64 libmagickcore-6.q16-dev amd64 8:6.9.10.23+dfsg-2.1+b2 [1,116 kB] Get:20 http://ftp.au.debian.org/debian sid/main amd64 libmagickwand-6.q16-dev amd64 8:6.9.10.23+dfsg-2.1+b2 [446 kB] Get:21 http://ftp.au.debian.org/debian sid/main amd64 libmagick++-6.q16-dev amd64 8:6.9.10.23+dfsg-2.1+b2 [268 kB] Get:22 http://ftp.au.debian.org/debian sid/main amd64 libmagick++-dev all 8:6.9.10.23+dfsg-2.1 [1,360 B] Get:23 http://ftp.au.debian.org/debian sid/main amd64 debhelper all 13.1 [1,012 kB] Get:24 http://ftp.au.debian.org/debian sid/main amd64 libdebhelper-perl all 13.1 [187 kB] Get:25 http://ftp.au.debian.org/debian sid/main amd64 dh-python all 4.20200315 [91.6 kB] Get:26 http://ftp.au.debian.org/debian sid/main amd64 gir1.2-gdl-3 amd64 3.34.0-1 [32.3 kB] Get:27 http://ftp.au.debian.org/debian sid/main amd64 libenchant-2-2 amd64 2.2.8-1 [50.4 kB] Get:28 http://ftp.au.debian.org/debian sid/main amd64 libgtkspell3-3-0 amd64 3.0.10-1 [35.0 kB] Get:29 http://ftp.au.debian.org/debian sid/main amd64 gir1.2-gtkspell3-3.0 amd64 3.0.10-1 [9,964 B] Get:30 http://ftp.au.debian.org/debian sid/main amd64 googletest all 1.10.0-3 [626 kB] Get:31 http://ftp.au.debian.org/debian sid/main amd64 libaspell-dev amd64 0.60.8-1 [34.4 kB] Get:32 http://ftp.au.debian.org/debian sid/main amd64 libsigc++-2.0-0v5 amd64 2.10.2-1 [64.0 kB] Get:33 http://ftp.au.debian.org/debian sid/main amd64 libglibmm-2.4-1v5 amd64
Processed: your mail
Processing commands for cont...@bugs.debian.org: > tags 932949 + pending Bug #932949 [gri] gri build-depends on cruft package. Added tag(s) pending. > tags 941557 + pending Bug #941557 [src:gri] gri: texi file need @documentencoding Bug #949150 [src:gri] gri: texi file need @documentencoding Added tag(s) pending. Added tag(s) pending. > tags 901179 + pending Bug #901179 [src:gri] gri FTCBFS: does not pass --host to ./configure Added tag(s) pending. > tags 718540 + pending Bug #718540 [gri-el] gri-el: paragraph separators for commands Added tag(s) pending. > tags 718452 + pending Bug #718452 [gri-el] gri-el: C-u as universal-argument Added tag(s) pending. > tags 711914 + pending Bug #711914 [gri-el] gri-el: package remove allow for flavour directory already gone Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 711914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711914 718452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718452 718540: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718540 901179: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901179 932949: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932949 941557: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941557 949150: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949150 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961216: inkscape: symbol resolution problem
pde@graphene:~$ ls -l /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 lrwxrwxrwx 1 root root 22 Apr 16 07:01 /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 -> libgio-2.0.so.0.6400.2 pde@graphene:~$ ls -l /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2 -rw-r--r-- 1 root root 1920176 Apr 16 07:01 /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2 pde@graphene:~$ nm /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2 nm: /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2: no symbols pde@graphene:~$ file /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2 /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=1d09cb1069dbdc80bf696754b6fe9d67041c10d4, stripped pde@graphene:~$ sudo apt-get reinstall libglib2.0-0 Reading package lists... Done Building dependency tree Reading state information... Done 0 upgraded, 0 newly installed, 2 reinstalled, 0 to remove and not upgraded. Need to get 0 B/2,757 kB of archives. After this operation, 0 B of additional disk space will be used. Do you want to continue? [Y/n] (Reading database ... 444913 files and directories currently installed.) Preparing to unpack .../libglib2.0-0_2.64.2-1_amd64.deb ... Unpacking libglib2.0-0:amd64 (2.64.2-1) over (2.64.2-1) ... Preparing to unpack .../libglib2.0-0_2.64.2-1_i386.deb ... Unpacking libglib2.0-0:i386 (2.64.2-1) over (2.64.2-1) ... Setting up libglib2.0-0:amd64 (2.64.2-1) ... Setting up libglib2.0-0:i386 (2.64.2-1) ... Processing triggers for libc-bin (2.30-4) ... pde@graphene:~$ sha256sum /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2 ffb67ca65a4c049bc8019a642727b31c064d715f6667cb41f889d75413103b9c /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2 pde@graphene:~$ strings /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.6400.2 | grep set_option_context g_application_set_option_context_parameter_string g_application_set_option_context_summary g_application_set_option_context_description g_application_set_option_context_description g_application_set_option_context_summary g_application_set_option_context_parameter_string pde@graphene:~$ inkscape inkscape: symbol lookup error: /usr/bin/../lib/x86_64-linux-gnu/inkscape/libinkscape_base.so: undefined symbol: _ZN3Gio11Application35set_option_context_parameter_stringERKN4Glib7ustringE On Fri, 22 May 2020 at 04:37, Mattia Rizzolo wrote: > > Control: tag -1 moreinfo unreproducible > > On Thu, May 21, 2020 at 11:34:49PM +1000, Peter Eckersley wrote: > > Package: inkscape > > Version: 1.0-1 > > Severity: grave > > Justification: renders package unusable > > > > $ inkscape > > inkscape: symbol lookup error: > > /usr/bin/../lib/x86_64-linux-gnu/inkscape/libinkscape_base.so: > > undefined symbol: > > _ZN3Gio11Application35set_option_context_parameter_stringERKN4Glib7ustringE > > I can't reproduce this. > > That symbol is > Gio::Application::set_option_context_parameter_string(Glib::ustring > const&) > which obviously comes from this library you are also listing: > > > libgio-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 > > (0x7f7eda043000) > > Which seems to be installed: > > > ii libglib2.0-0 2.64.2-1 > > > Regardless it's odd, obviously it works for me and many other people, > such bug would have drawn many others to complain. > Please double check your Glib installation… > > -- > regards, > Mattia Rizzolo > > GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. > More about me: https://mapreri.org : :' : > Launchpad user: https://launchpad.net/~mapreri `. `'` > Debian QA page: https://qa.debian.org/developer.php?login=mattia `- -- Peter
Bug#960892: another fix
Hi Martin, Martin Quinson wrote: > I gave another try to this fix, and the current git version of po4a > manages to build aptitude even with the recent patch removed. Thanks, much appreciated! > Could you please give it a try, just to ensure that I didn't mess up > my verification? Will do. Regards, Axel -- ,''`. | Axel Beckert , https://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
Bug#960892: another fix
Hello, I gave another try to this fix, and the current git version of po4a manages to build aptitude even with the recent patch removed. Could you please give it a try, just to ensure that I didn't mess up my verification? Thanks in advance, Mt. -- Reject: The reference on the SimGrid toolkit is outdated. -- Bastard Reviewer From Hell signature.asc Description: PGP signature
Bug#942910: marked as done (automake-1.15: Python2 removal in sid/bullseye)
Your message dated Thu, 21 May 2020 22:48:39 + with message-id and subject line Bug#942910: fixed in automake-1.15 1:1.15.1-5.1 has caused the Debian Bug report #942910, regarding automake-1.15: Python2 removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 942910: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942910 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: automake-1.15 Version: 1:1.15.1-5 Severity: normal Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2removal Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html Your package either build-depends, depends on Python2, or uses Python2 in the autopkg tests (the specific reason can be found searching this source package in https://people.debian.org/~morph/mass-bug-py2removal_take2.txt ). Please stop using Python2, and fix this issue by one of the following actions. - Convert your Package to Python3. This is the preferred option. In case you are providing a Python module foo, please consider dropping the python-foo package, and only build a python3-foo package. Please don't drop Python2 modules, which still have reverse dependencies, just document them. This is the preferred option. - If the package is dead upstream, cannot be converted or maintained in Debian, it should be removed from the distribution. If the package still has reverse dependencies, raise the severity to "serious" and document the reverse dependencies with the BTS affects command. If the package has no reverse dependencies, confirm that the package can be removed, reassign this issue to ftp.debian.org, make sure that the bug priority is set to normal and retitle the issue to "RM: PKG -- removal triggered by the Python2 removal". - If the package has still many users (popcon >= 300), or is needed to build another package which cannot be removed, document that by adding the "py2keep" user tag (not replacing the py2remove tag), using the debian-pyt...@lists.debian.org user. Also any dependencies on an unversioned python package (python, python-dev) must not be used, same with the python shebang. These have to be replaced by python2/python2.7 dependencies and shebang. This is the least preferred option. If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Source: automake-1.15 Source-Version: 1:1.15.1-5.1 Done: Scott Kitterman We believe that the bug you reported is fixed in the latest version of automake-1.15, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 942...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Scott Kitterman (supplier of updated automake-1.15 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 21 May 2020 18:18:04 -0400 Source: automake-1.15 Architecture: source Version: 1:1.15.1-5.1 Distribution: unstable Urgency: medium Maintainer: Eric Dorland Changed-By: Scott Kitterman Closes: 942910 Changes: automake-1.15 (1:1.15.1-5.1) unstable; urgency=medium . * Non-maintainer upload. * Switch to python3 (Closes: #942910) Checksums-Sha1: 4e9d35e99d1cd0edf72a0369dbf341ff264f4c18 2244 automake-1.15_1.15.1-5.1.dsc 782dc5d2789ca74d7d935f4b30df08860fa89a92 13876 automake-1.15_1.15.1-5.1.debian.tar.xz b7f143c770733812e3912ddcc2c55780f04859fb 5812 automake-1.15_1.15.1-5.1_source.buildinfo Checksums-Sha256: ebcc8fa5762c0348463f75d58c6476ed625e4e20887f8a81386bf3e4cf6bb54b 2244 automake-1.15_1.15.1-5.1.dsc 8bea998181c4b31ff75807f70c874d12cdbc66f87ae2bf89f4dbed3730e5edb1 13876 automake-1.15_1.15.1-5.1.debian.tar.xz 96435da9eb8ca885a6ae4d61562bf43cb2b3cb75043209d781ebda60b280 5812 automake-1.15_1.15.1-5.1_source.buildinfo Files: 149f3f86f1b8c9d0f30dd2d396abad3b 2244 devel optional automake-1.15_1.15.1-5.1.dsc
Bug#961245: mercurial-common: trying to overwrite '/usr/lib/python2.7/dist-packages/hgext/git/__init__.py', which is also in package mercurial-git 0.8.12-1.2
Package: mercurial-common Version: 5.4-1 Severity: serious Hi, upgrading mercurial-common fails due to a file conflict with mercurial-git as follows: Preparing to unpack .../mercurial-common_5.4-1_all.deb ... Unpacking mercurial-common (5.4-1) over (5.3.2-1) ... dpkg: error processing archive /var/cache/apt/archives/mercurial-common_5.4-1_all.deb (--unpack): trying to overwrite '/usr/lib/python2.7/dist-packages/hgext/git/__init__.py', which is also in package mercurial-git 0.8.12-1.2 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Errors were encountered while processing: /var/cache/apt/archives/mercurial-common_5.4-1_all.deb It seems as if the source package mercurial is overtaking the git backend from the mercurial-git package (currently uninstallable due to the removal of the python-dulwich package) of the hg-git source package. So I'm only filing this against mercurial-common as Replaces and Breaks headers seem missing. Another solution (which needs to come anyway sometime soon) might be to switch this to Python 3. In case hg-git is not about to being removed from unstable anyway and this is a conflict which needs to be resolved on both sides, feel free to reassign this bug against both packages until the conflict is resolved. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (990, 'unstable'), (980, 'unstable-debug'), (600, 'testing'), (111, 'buildd-unstable'), (111, 'buildd-experimental'), (110, 'experimental'), (105, 'experimental-debug') Architecture: i386
Processed: [bts-link] source package src:cockpit
Processing commands for cont...@bugs.debian.org: > # > # bts-link upstream status pull for source package src:cockpit > # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html > # https://bts-link-team.pages.debian.net/bts-link/ > # > user debian-bts-l...@lists.debian.org Setting user to debian-bts-l...@lists.debian.org (was debian-bts-l...@lists.debian.org). > # remote status report for #960752 (http://bugs.debian.org/960752) > # Bug title: FTBFS on IPv6-only hosts > # * https://github.com/cockpit-project/cockpit/pull/14098 > # * remote status changed: (?) -> closed > # * closed upstream > tags 960752 + fixed-upstream Bug #960752 [src:cockpit] FTBFS on IPv6-only hosts Added tag(s) fixed-upstream. > usertags 960752 + status-closed There were no usertags set. Usertags are now: status-closed. > thanks Stopping processing here. Please contact me if you need assistance. -- 960752: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960752 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961236: marked as done (re2: FTBFS on 32 bit archs)
Your message dated Thu, 21 May 2020 20:49:10 + with message-id and subject line Bug#961236: fixed in re2 20200501+dfsg-3 has caused the Debian Bug report #961236, regarding re2: FTBFS on 32 bit archs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 961236: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961236 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: re2 Version: 20200501+dfsg-2 Severity: serious Tags: ftbfs upstream fixed-upstream Justification: fails to build from source (but built successfully in the past) Control: forwarded -1 https://github.com/google/re2/issues/256 re2 FTBFS on the 32 bit archs. See https://buildd.debian.org/status/fetch.php?pkg=re2=i386=20200501%2Bdfsg-2=1590088309=0 for example. Upstream bug report https://github.com/google/re2/issues/256 and fix https://github.com/google/re2/commit/bde1ea09550a61b4a092cdf0e3ba8dca4200947a Cheers -- Sebastian Ramacher signature.asc Description: PGP signature --- End Message --- --- Begin Message --- Source: re2 Source-Version: 20200501+dfsg-3 Done: Stefano Rivera We believe that the bug you reported is fixed in the latest version of re2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 961...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefano Rivera (supplier of updated re2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 21 May 2020 13:25:13 -0700 Source: re2 Architecture: source Version: 20200501+dfsg-3 Distribution: unstable Urgency: medium Maintainer: Stefano Rivera Changed-By: Stefano Rivera Closes: 961236 Changes: re2 (20200501+dfsg-3) unstable; urgency=medium . * Cherry-pick patch to fix FTBFS on 32bit archs. (Closes: #961236) Checksums-Sha1: c60b8fffb75b9e4857ed60ff99728418590c8a29 1401 re2_20200501+dfsg-3.dsc 8c97a68b097b4da258f79b8ec3a77f02ef38885b 10488 re2_20200501+dfsg-3.debian.tar.xz 9475569aa08a335559fd04885d012861ddd75ea8 5142 re2_20200501+dfsg-3_source.buildinfo Checksums-Sha256: 857c509def5aacd7118380cfde5ba544abd4624294ca81783aaa114c4da74704 1401 re2_20200501+dfsg-3.dsc faab5f623d5d5a6d2371e6f80bed2751cbdb5d7f8f91d3d3e122281be550f4bb 10488 re2_20200501+dfsg-3.debian.tar.xz 07f6248e67ba681dafcb807aea802480755b2d21bd82c01458597267371bc3f4 5142 re2_20200501+dfsg-3_source.buildinfo Files: 33726f721d01294e2101901f1b785101 1401 libs optional re2_20200501+dfsg-3.dsc 80f23f7937e7fb145fdc4c51888f3606 10488 libs optional re2_20200501+dfsg-3.debian.tar.xz e981dfdab41f4f339da8c45db95596d4 5142 libs optional re2_20200501+dfsg-3_source.buildinfo -BEGIN PGP SIGNATURE- iHUEARYKAB0WIQTumtb5BSD6EfafSCRHew2wJjpU2AUCXsbkIwAKCRBHew2wJjpU 2FdsAQC/LgEhpiHuTr0RLSJnFkl960VkM5agiUZTu9Ey43MYEgEAzf+n5w68kEXE T2tGDsdEz3dit3eaSmSt4IoQdYuP3gs= =Is2z -END PGP SIGNATURE End Message ---
Processed: [bts-link] source package ferm
Processing commands for cont...@bugs.debian.org: > # > # bts-link upstream status pull for source package ferm > # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html > # https://bts-link-team.pages.debian.net/bts-link/ > # > user debian-bts-l...@lists.debian.org Setting user to debian-bts-l...@lists.debian.org (was debian-bts-l...@lists.debian.org). > # remote status report for #958105 (http://bugs.debian.org/958105) > # Bug title: ferm: v2.5 broke @ipfilter(), resulting in > deferred=ARRAY(0x55b7a9219368) errors > # * https://github.com/MaxKellermann/ferm/issues/63 > # * remote status changed: (?) -> closed > # * closed upstream > tags 958105 + fixed-upstream Bug #958105 [ferm] ferm: v2.5 broke @ipfilter(), resulting in deferred=ARRAY(0x55b7a9219368) errors Added tag(s) fixed-upstream. > usertags 958105 + status-closed There were no usertags set. Usertags are now: status-closed. > thanks Stopping processing here. Please contact me if you need assistance. -- 958105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958105 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: fixed 959444 in openexr/2.5.0-1
Processing commands for cont...@bugs.debian.org: > fixed 959444 openexr/2.5.0-1 Bug #959444 [openexr] openexr: CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765 Marked as fixed in versions openexr/2.5.0-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 959444: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959444 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#959856: marked as done (terminator: ships /usr/share/icons/hicolor/icon-theme.cache)
Your message dated Thu, 21 May 2020 20:35:52 + with message-id and subject line Bug#959856: fixed in terminator 1.92-2 has caused the Debian Bug report #959856, regarding terminator: ships /usr/share/icons/hicolor/icon-theme.cache to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 959856: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959856 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: terminator Version: 1.92-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package has a file conflict on /usr/share/icons/hicolor/icon-theme.cache with other buggy packages shipping that file, too. cheers, Andreas --- End Message --- --- Begin Message --- Source: terminator Source-Version: 1.92-2 Done: Markus Frosch We believe that the bug you reported is fixed in the latest version of terminator, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 959...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Markus Frosch (supplier of updated terminator package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 21 May 2020 22:02:22 +0200 Source: terminator Architecture: source Version: 1.92-2 Distribution: unstable Urgency: medium Maintainer: Python Applications Packaging Team Changed-By: Markus Frosch Closes: 959856 Changes: terminator (1.92-2) unstable; urgency=medium . [ Debian Janitor ] * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. . [ Markus Frosch ] * [864a8b8] rules: Remove any icon cache file after install (Closes: #959856) Checksums-Sha1: 14a4645ad0f6b671158ba5c52d741acdffd483b0 2203 terminator_1.92-2.dsc 7e55c3766eb6813e7355cd6688a0ee232a7aa5c8 13380 terminator_1.92-2.debian.tar.xz 87b2dc8fa77e9e39951eb4ee8b71fd22f2e932ac 10283 terminator_1.92-2_amd64.buildinfo Checksums-Sha256: 9e131e52bbc52666a00a1c484a115061fe2d7876676251158f4199406588b951 2203 terminator_1.92-2.dsc 21d26c1655e67401672035cb728c0daa80cce6f38bd97a04ac1a1d2761a07cb9 13380 terminator_1.92-2.debian.tar.xz c60e40c73cc7eb54edec791ae4a7f82552099c33a521e6bcc1bd1b7ace0943c6 10283 terminator_1.92-2_amd64.buildinfo Files: 2f2b80226bfd17511ca8f2cc4e3e381a 2203 misc optional terminator_1.92-2.dsc a6a9c79175e9db7ed6c4d473d0c1300a 13380 misc optional terminator_1.92-2.debian.tar.xz 2e76a5a4c3b6b0371b998ba272e149e0 10283 misc optional terminator_1.92-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE51PRnEwqQtexjRSC8mFdmquYe24FAl7G3tEACgkQ8mFdmquY e24qyggAtWyNQSegBAGqCdLxW99OEqE1gLIvwp5GAZttkND9F+sNOqiNW2XU7taS mtntXugcqaj3jSSqXDFTVhzThf+oYr1NDIFbGUkfkaMliRnpGtLYi6s7Zr1WRqle OcE36HhfnYQn0t2561Qorudr3oqOV1X5Ju2QDcgU3Y5RZwBhbiBSLN0Sgr3q/2rS j3Ws3C7M/dADHVEO74Pb2ah7JRoraensq/moYR4bqKmMLi1oIywB2QGQVfrNT8go DmQGImIxrYriNUMYO0EjwXR/Na1qQrIS860W27PJG4mauIj5PlSeqy8I2a1hhHU1 Oiy60XSt3NCFn2e2FmSlf72O0Yr0SQ== =xOLv -END PGP SIGNATURE End Message ---
Bug#960899: paramiko: autopkgtests failures
I'm pretty sure its because the configs folder from usptream isn't included in the package at all. https://github.com/paramiko/paramiko/tree/master/tests/configs -- Brian Murray @ubuntu.com
Bug#960865: marked as done (aptitude FTBFS with new po4a)
Your message dated Thu, 21 May 2020 20:33:58 + with message-id and subject line Bug#960865: fixed in aptitude 0.8.13-1 has caused the Debian Bug report #960865, regarding aptitude FTBFS with new po4a to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 960865: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960865 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: aptitude Severity: important User: debian-p...@lists.debian.org Usertags: libparse-debian-changelog-perl-removal Tags: patch Hi! aptitude Recommends libparse-debianchangelog-perl, which has had no upstream maintainer since 2011. The Debian Perl group has decided today that theye do not want libparse-debianchangelog-perl to be included in the Bullseye release, unless someone steps up and volunteers to be its upstream maintainer: see https://bugs.debian.org/933128, where you can discuss the options. I'm attaching an old patch I had around, which I thought I had sent out, but apparently not (perhaps only on IRC), to switch to libdpkg-perl's parser which is the successor of this package. I'm not sure right now whether there was some problem with the patch, I'll try to retest it in the coming days in case no one beats me to it, but just wanted to put this out there to avoid any work duplication. Thanks, Guillem From a1c7206ecdae8e3b33eef406be3ac9b44190b0d8 Mon Sep 17 00:00:00 2001 From: Guillem Jover Date: Tue, 18 Oct 2016 23:55:28 +0200 Subject: [PATCH] Switch from libparse-debianchangelog-perl to libdpkg-perl The former was merged into the latter some time ago, with the main difference being the lack of some of the output formats that are not being used by aptitude. This seems to have been attempted in the past, but was reverted due to performance problems. The performance from current libdpkg-perl should be comparable. We use the perl module directly to avoid pulling dpkg-dev and its dependencies. --- debian/control | 2 +- src/generic/apt/changelog_parse.cc | 11 ++- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/debian/control b/debian/control index c4a17d58..cd114861 100644 --- a/debian/control +++ b/debian/control @@ -41,7 +41,7 @@ Multi-Arch: foreign Depends: aptitude-common (= ${source:Version}), ${misc:Depends}, ${shlibs:Depends} -Recommends: libparse-debianchangelog-perl, +Recommends: libdpkg-perl, sensible-utils Suggests: aptitude-doc-en | aptitude-doc, apt-xapian-index, diff --git a/src/generic/apt/changelog_parse.cc b/src/generic/apt/changelog_parse.cc index 9cf1ab5b..165efe5c 100644 --- a/src/generic/apt/changelog_parse.cc +++ b/src/generic/apt/changelog_parse.cc @@ -18,7 +18,7 @@ // the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, // Boston, MA 02110-1301, USA. // -// At the moment this code uses parsechangelog to convert changelogs +// At the moment this code uses Dpkg::Changelog::Parse to convert changelogs // into something easier to read. #include "changelog_parse.h" @@ -327,17 +327,18 @@ namespace aptitude std::string version_fragment; if(from.empty()) - version_fragment = "--all"; + version_fragment = "all => undef"; else { - version_fragment = "-f "; + version_fragment = "from => '"; // Note that escaping the version is *critical*, because // it is untrusted data. version_fragment += backslash_escape_nonalnum(from); + version_fragment += "'"; } std::string cmd = - cw::util::ssprintf("/usr/bin/parsechangelog --format rfc822 %s -l %s > %s 2> /dev/null", + cw::util::ssprintf("perl -MDpkg::Changelog::Parse -e \"print changelog_parse(format => 'rfc822', file => '%s', %s);\" > %s 2> /dev/null", version_fragment.c_str(), filename.c_str(), rval.get_name().c_str()); @@ -432,7 +433,7 @@ namespace aptitude * The purpose of the queue is to ensure that aptitude only * parses one changelog at a time and doesn't waste a ton of time * starting new changelog parse threads and spawning copies of - * parsechangelog. + * Dpkg::Changelog::Parse. * * This is a self-terminating singleton thread. */ -- 2.23.0.rc1.153.gdeed80330f --- End Message --- --- Begin Message --- Source: aptitude Source-Version: 0.8.13-1 Done: Axel Beckert We believe that the bug you reported is fixed in the latest version of aptitude, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you
Processed: Bug#943135: numba: Python2 removal in sid/bullseye - reopen 943135
Processing commands for cont...@bugs.debian.org: > severity 943135 serious Bug #943135 [src:numba] numba: Python2 removal in sid/bullseye Severity set to 'serious' from 'normal' > tags 943135 +patch Bug #943135 [src:numba] numba: Python2 removal in sid/bullseye Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 943135: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943135 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: severity of 960361 is serious
Processing commands for cont...@bugs.debian.org: > # re2 transition started > severity 960361 serious Bug #960361 [src:chromium] src:chromium: FTBFS with re2 20200501 Severity set to 'serious' from 'normal' > thanks Stopping processing here. Please contact me if you need assistance. -- 960361: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960361 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961236: re2: FTBFS on 32 bit archs
Hi Sebastian (2020.05.21_19:53:01_+) > re2 FTBFS on the 32 bit archs. See > https://buildd.debian.org/status/fetch.php?pkg=re2=i386=20200501%2Bdfsg-2=1590088309=0 > for example. Whoops. I guess I didn't check on the experimental builds... Thanks for that. SR -- Stefano Rivera http://tumbleweed.org.za/ +1 415 683 3272
Bug#959856: [Python-apps-team] Bug#959856: terminator: ships /usr/share/icons/hicolor/icon-theme.cache
On Mon, 2020-05-18 at 19:05 +0200, Adrian Vondendriesch wrote: > I wasn't able to find any way to tell pybuild to pass any argument right > after "python3 setup.py" and the action it should call (for instance > "install"). Passing --install-args to pybuild doesn't work. Therefor I > did the same thing as in commit 2271ffc9. Overwrite dh_auto_-install. Thanks for the patch Adrian, but I think the best way for now is to purge the file after dh_auto_install. I want to remove the "feature" in 2.0 anyways: https://github.com/gnome-terminator/terminator/issues/102 Thanks Markus -- lazyfro...@debian.org https://lazyfrosch.de
Processed: Bug#959856 marked as pending in terminator
Processing control commands: > tag -1 pending Bug #959856 [terminator] terminator: ships /usr/share/icons/hicolor/icon-theme.cache Added tag(s) pending. -- 959856: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959856 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#959856: marked as pending in terminator
Control: tag -1 pending Hello, Bug #959856 in terminator reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/applications/terminator/-/commit/864a8b8e939ff602839f4862052ed7c5b43eecc3 rules: Remove any icon cache file after install Closes: #959856 (this message was generated automatically) -- Greetings https://bugs.debian.org/959856
Bug#961236: re2: FTBFS on 32 bit archs
Source: re2 Version: 20200501+dfsg-2 Severity: serious Tags: ftbfs upstream fixed-upstream Justification: fails to build from source (but built successfully in the past) Control: forwarded -1 https://github.com/google/re2/issues/256 re2 FTBFS on the 32 bit archs. See https://buildd.debian.org/status/fetch.php?pkg=re2=i386=20200501%2Bdfsg-2=1590088309=0 for example. Upstream bug report https://github.com/google/re2/issues/256 and fix https://github.com/google/re2/commit/bde1ea09550a61b4a092cdf0e3ba8dca4200947a Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
Processed: re2: FTBFS on 32 bit archs
Processing control commands: > forwarded -1 https://github.com/google/re2/issues/256 Bug #961236 [src:re2] re2: FTBFS on 32 bit archs Set Bug forwarded-to-address to 'https://github.com/google/re2/issues/256'. -- 961236: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961236 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: out-of-sync bugs are already fixed in unstable by default, so can be closed
Processing commands for cont...@bugs.debian.org: > # All these bugs are already marked fixed in the version in unstable and > # there isn't an out-of-sync anymore, so can be closed > close 954368 Bug #954368 [src:haskell-mode] src:haskell-mode: fails to migrate to testing for too long Marked Bug as done > close 954369 Bug #954369 [src:pajeng] src:pajeng: fails to migrate to testing for too long Marked Bug as done > close 956420 Bug #956420 [src:pynwb] src:pynwb: fails to migrate to testing for too long Marked Bug as done > close 961098 Bug #961098 [src:sklearn-pandas] sklearn-pandas: Failed to migrate to testing for too long Marked Bug as done > close 956419 Bug #956419 [src:speechd-el] src:speechd-el: fails to migrate to testing for too long Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 954368: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954368 954369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954369 956419: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956419 956420: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956420 961098: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961098 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: forcibly merging 959569 959535
Processing commands for cont...@bugs.debian.org: > forcemerge 959569 959535 Bug #959569 [src:octave-parallel] octave-parallel: FTBFS: error: writing file '/sbuild-nonexistent/.octave_hist': No such file or directory Bug #959535 [src:octave-parallel] octave-parallel FTBFS: dh_octave_check fails Added tag(s) sid and bullseye. Merged 959535 959569 > thanks Stopping processing here. Please contact me if you need assistance. -- 959535: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959535 959569: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959569 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961216: inkscape: symbol resolution problem
Control: tag -1 moreinfo unreproducible On Thu, May 21, 2020 at 11:34:49PM +1000, Peter Eckersley wrote: > Package: inkscape > Version: 1.0-1 > Severity: grave > Justification: renders package unusable > > $ inkscape > inkscape: symbol lookup error: > /usr/bin/../lib/x86_64-linux-gnu/inkscape/libinkscape_base.so: > undefined symbol: > _ZN3Gio11Application35set_option_context_parameter_stringERKN4Glib7ustringE I can't reproduce this. That symbol is Gio::Application::set_option_context_parameter_string(Glib::ustring const&) which obviously comes from this library you are also listing: > libgio-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 > (0x7f7eda043000) Which seems to be installed: > ii libglib2.0-0 2.64.2-1 Regardless it's odd, obviously it works for me and many other people, such bug would have drawn many others to complain. Please double check your Glib installation… -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Processed: Re: Bug#961216: inkscape: symbol resolution problem
Processing control commands: > tag -1 moreinfo unreproducible Bug #961216 [inkscape] inkscape: symbol resolution problem Added tag(s) unreproducible and moreinfo. -- 961216: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961216 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961234: r-cran-treescape: FTBFS on ppc64el:Segmentation fault
Source: r-cran-treescape Version: 1.10.18+dfsg-1 Severity: serious Tags: ftbfs bullseye sid Hi Maintainer In the recent rebuild for r-api4.0, r-cran-treescape FTBFS on ppc64el [1]. I've copied what I hope is the relevant part of the log below. Upstream's homepage has a note: Package ‘treescape’ was removed from the CRAN repository. Formerly available versions can be obtained from the archive. Archived on 2017-05-23 as requested by the maintainer . Consider using package ‘treespace’ instead. Regards Graham [1] https://buildd.debian.org/status/logs.php?pkg=r-cran-treescape=ppc64el [2] https://cran.r-project.org/web/packages/treescape/index.html make[2]: Entering directory '/<>/src' g++ -std=gnu++11 -I"/usr/share/R/include" -DNDEBUG -I'/usr/lib/R/site-library/Rcpp/include'-fPIC -g -O2 -fdebug-prefix-map=/build/r-base-BUYUMC/r-base-4.0.0=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -g -c CPP_update_combinations.cpp -o CPP_update_combinations.o g++ -std=gnu++11 -I"/usr/share/R/include" -DNDEBUG -I'/usr/lib/R/site-library/Rcpp/include'-fPIC -g -O2 -fdebug-prefix-map=/build/r-base-BUYUMC/r-base-4.0.0=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -g -c RcppExports.cpp -o RcppExports.o g++ -std=gnu++11 -shared -L/usr/lib/R/lib -Wl,-z,relro -o treescape.so CPP_update_combinations.o RcppExports.o -L/usr/lib/R/lib -lR make[2]: Leaving directory '/<>/src' make[2]: Entering directory '/<>/src' make[2]: Leaving directory '/<>/src' installing to /<>/debian/r-cran-treescape/usr/lib/R/site-library/00LOCK-r-cran-treescape-1.10.18+dfsg/00new/treescape/libs ** R ** data *** moving datasets to lazyload DB ** inst ** byte-compile and prepare package for lazy loading Creating a generic function for ‘toJSON’ from package ‘jsonlite’ in package ‘googleVis’ Segmentation fault ERROR: lazy loading failed for package ‘treescape’ * removing ‘/<>/debian/r-cran-treescape/usr/lib/R/site-library/treescape’ dh_auto_install: error: xvfb-run --auto-servernum --server-num=20 -s "-screen 0 1024x768x24 -ac +extension GLX +render -noreset" R CMD INSTALL -l /<>/r-cran-treescape-1.10.18\+dfsg/debian/r-cran-treescape/usr/lib/R/site-library --clean . "--built-timestamp='Thu, 21 May 2020 09:37:46 +'" returned exit code 1 make[1]: *** [debian/rules:26: override_dh_auto_install] Error 25 make[1]: Leaving directory '/<>' make: *** [debian/rules:16: binary-arch] Error 2 dpkg-buildpackage: error: fakeroot debian/rules binary-arch subprocess returned exit status 2
Bug#961147: libcolor-calc-perl: broken by new libgraphics-colornames-perl
On Wed, May 20, 2020 at 10:22:31PM +0300, Niko Tyni wrote: > Package: libcolor-calc-perl > Version: 1.074-2 > Severity: grave > Tags: bullseye sid > X-Debbugs-Cc: libgraphics-colornames-p...@packages.debian.org > > Color::Calc uses Graphics::ColorNames::HTML, which was recently dropped > from the libgraphics-colornames-perl package in Debian. > > Graphics::ColorNames::HTML is now available separately on CPAN, with a > deprecation notice pointing users to Graphics::ColorNames::WWW (packaged > in Debian as libgraphics-colornames-www-perl) instead. > > So Color::Calc needs to adapt, or Graphics::ColorNames::HTML needs to be > packaged separately despite the deprecation. > > Also, libgraphics-colornames-perl should add a Breaks entry for the > versions of libcolor-calc-perl it broke. I had a look at making Color::Calc use Graphics::ColorNames::WWW instead. The API is a drop-in replacement, but the test suite blows up because it has more color names to choose from (17 in ::HTML vs 148 in ::WWW). The module seems to be partly about these subtle differences between different color schemes, so I'm a bit uneasy about patching it to use ::WWW by default and patching the test suite. We could also inline the small ::HTML hash, but part of the Color::Calc API is being able to choose a Graphics::ColorNames submodule, so we can't really hide it very deep. And if it's going to be a public module, it's cleaner to just package it separately I think. So IMO we should either to package Graphics::ColorNames::HTML even though it's deprecated, or drop Color::Calc from Debian. libcolor-calc-perl has just one reverse dependency AFAICS: libcgi-application-plugin-authentication-perl. -- Niko Tyni nt...@debian.org
Bug#961230: guile-2.2 FTBFS with make-dfsg/4.3-1: ERROR: alternatives priority expects min version < 1000.
Source: guile-2.2 Version: 2.2.7+1-5 Severity: serious Tags: ftbfs User: helm...@debian.org Usertags: rebootstrap While bootstrap testing unstable, I noticed that guile-2.2 fails to build from source (natively). A build now ends quicky: | dpkg-buildpackage: info: source package guile-2.2 | dpkg-buildpackage: info: source version 2.2.7+1-5 | dpkg-buildpackage: info: source distribution unstable | dpkg-buildpackage: info: source changed by Rob Browning | dpkg-source --before-build . | dpkg-buildpackage: info: host architecture amd64 | fakeroot debian/rules clean | /bin/bash: ${\#x}: bad substitution | debian/rules:70: *** ERROR: alternatives priority expects min version < 1000. Stop. | dpkg-buildpackage: error: fakeroot debian/rules clean subprocess returned exit status 2 This only happens since make-dfsg/4.3-1, but I think the bug here ultimately is with guile-2.2. The relevant code from debian/rules is: | ifneq (ok,$(shell x='$(deb_src_min_ver)'; [ "$${\#x}" -lt 4 ] && echo ok;)) | $(error ERROR: alternatives priority expects min version < 1000) | endif It is surprising that this didn't fail with earlier versions of make. The shell substitution is clearly wrong. It is unclear what it is supposed to achieve. In any case, deleting these lines makes the build proceed. Helmut
Bug#960250: marked as done (guitarix FTBFS with lv2-dev 1.18.0-1)
Your message dated Thu, 21 May 2020 17:03:48 + with message-id and subject line Bug#960250: fixed in guitarix 0.39.0+dfsg1-3 has caused the Debian Bug report #960250, regarding guitarix FTBFS with lv2-dev 1.18.0-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 960250: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960250 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: guitarix Version: 0.39.0+dfsg1-2 Severity: serious Tags: ftbfs https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/guitarix.html ... ../src/LV2/gxautowah.lv2/gxautowah_gui.cpp:194:21: error: invalid conversion from 'void* (*)(const _LV2UI_Descriptor*, const char*, const char*, LV2UI_Write_Function, LV2UI_Controller, void**, const LV2_Feature* const*)' {aka 'void* (*)(const _LV2UI_Descriptor*, const char*, const char*, void (*)(void*, unsigned int, unsigned int, unsigned int, const void*), void*, void**, const LV2_Feature* const*)'} to 'void* (*)(const LV2UI_Descriptor*, const char*, const char*, LV2UI_Write_Function, LV2UI_Controller, void**, const LV2_Feature* const*)' {aka 'void* (*)(const LV2UI_Descriptor*, const char*, const char*, void (*)(void*, unsigned int, unsigned int, unsigned int, const void*), void*, void**, const LV2_Feature* const*)'} [-fpermissive] 194 | {GXPLUGIN_UI_URI, instantiate, cleanup, port_event, NULL} | ^~~ | | | void* (*)(const _LV2UI_Descriptor*, const char*, const char*, LV2UI_Write_Function, LV2UI_Controller, void**, const LV2_Feature* const*) {aka void* (*)(const _LV2UI_Descriptor*, const char*, const char*, void (*)(void*, unsigned int, unsigned int, unsigned int, const void*), void*, void**, const LV2_Feature* const*)} ... --- End Message --- --- Begin Message --- Source: guitarix Source-Version: 0.39.0+dfsg1-3 Done: Dennis Braun We believe that the bug you reported is fixed in the latest version of guitarix, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 960...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Dennis Braun (supplier of updated guitarix package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 21 May 2020 18:43:50 +0200 Source: guitarix Architecture: source Version: 0.39.0+dfsg1-3 Distribution: unstable Urgency: medium Maintainer: Debian Multimedia Maintainers Changed-By: Dennis Braun Closes: 960250 Changes: guitarix (0.39.0+dfsg1-3) unstable; urgency=medium . * Fix LV2 types (Closes: #960250) * Fix spelling errors * Bump dh-compat to 13 * Mark -dev packages as not Multi-Arch * Add archive and remove obsolete name field in d/upstream/metadata Checksums-Sha1: 97c913ebbbcdfdee9958ba3354235d9ea22922cc 2874 guitarix_0.39.0+dfsg1-3.dsc 89c2e78088c1df7b02d58becd6c33a857307849d 17396 guitarix_0.39.0+dfsg1-3.debian.tar.xz Checksums-Sha256: 70ee48118162b6971a216042d4562c7eede3d796cd33cf1a1dddcfa7381c76fe 2874 guitarix_0.39.0+dfsg1-3.dsc afc1b92d0bf110b69045f1544459af3d61d2432fba297f8695d5181071d41f7c 17396 guitarix_0.39.0+dfsg1-3.debian.tar.xz Files: cecb3e53cb3e6dea2c34a58bc5843b2c 2874 sound optional guitarix_0.39.0+dfsg1-3.dsc 8d99a9fdf511b6eb9dda183f3d77e40f 17396 sound optional guitarix_0.39.0+dfsg1-3.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE94y6B4F7sUmhHTOQafL8UW6nGZMFAl7GsNUACgkQafL8UW6n GZNTQQ/8CuUc+4CjeA1kP3HOt/6w9bTo+Io2ZiR+ya34VKVnzHDDObUDXPrq1dkA Vjv7R0dvfyyrv+89bO5BzOyXMvFIzGiNJJuksZPj899sc9a5kPw2XA5B94KMW5W0 HYVwBo4aSGwdY9YGMzdhgbMjExCt5tK0BmDQT5vy7rkO/iaEzavGGd/i15grwWfd pFjyQGWo2PVaIvEJ6z8GHmg/tJZ/Z7slirmLjjHe41ftBz+EDn3pI8MtlZk1+Hm7 LO6ycrWecmee3mcR/fhGf2nf5x1hFZL4ESoyrkJm+8PJXskpO2V5D0mnYQmCVCcP nFttugzIsqA+bdaYKMW49KbQiJYopIOrsSP4A4JBYQbgGKZIqqm9cSxa/b06hYlC eOtp1hzdJs18CXCx6H5X9trzN9jGserntL10IDHPUOAseQ6wmC83SMVhYXCYBiPx YsZPO6k3Hz60LmQvHxBP1ACREMGDm8zbk35CNS6xdlHAa9NMjcDfvgIuXn3pyefh 9mr7k1AzGfJ1N/GH78Vk0wOJAd8JhioPcmRyJ4p0qj8FcM693D5gcfGJbIncygX1 T4M8Z9ZYcl+kg2EeIR4v+M4ZAx9+aYpCiBqugJSyNKJIb7TPOLdThFbdBOJrTp0E lN5vl3KM7JB0N7XkLrPXc3fLqEoZe8vyXwdU+TdwOWxvsaaBEqo= =SyVo -END PGP
Bug#961224: python-cobra: test failures on s390x
Source: python-cobra Version: 0.18.0-1 Severity: serious Three of the last four builds of python-cobra on s390x have failed with. === FAILURES === ___ test_model_summary_to_frame_with_fva[optlang-glpk-0.95] model = , opt_solver = 'optlang-glpk' fraction = 0.95 @pytest.mark.parametrize("fraction", [0.95]) def test_model_summary_to_frame_with_fva(model, opt_solver, fraction): """Test model summary.to_frame() (using FVA).""" if opt_solver == "optlang-gurobi": pytest.xfail("FVA currently buggy") # test non-fva version (these should be fixed for textbook model) expected_in_fluxes = ['o2_e', 'glc__D_e', 'nh4_e', 'pi_e', np.nan, np.nan, np.nan, np.nan, np.nan, np.nan, np.nan, np.nan] expected_out_fluxes = ['h2o_e', 'co2_e', 'h_e', 'for_e', 'ac_e', 'acald_e', 'pyr_e', 'etoh_e', 'lac__D_e', 'succ_e', 'akg_e', 'glu__L_e'] model.solver = opt_solver solution = model.optimize() out_df = model.summary(solution, fva=fraction).to_frame() assert out_df[('IN_FLUXES', 'ID')].tolist() == expected_in_fluxes > assert out_df[('OUT_FLUXES', 'ID')].tolist() == expected_out_fluxes E AssertionError: assert ['h2o_e', 'co... 'pyr_e', ...] == ['h2o_e', 'co2...acald_e', ...] E At index 5 diff: 'pyr_e' != 'acald_e' E Use -v to get the full diff
Bug#959176: marked as done (gammu-smsd: cannot start (wrong path in systemd service file))
Your message dated Thu, 21 May 2020 15:48:34 + with message-id and subject line Bug#959176: fixed in gammu 1.41.0-1.1 has caused the Debian Bug report #959176, regarding gammu-smsd: cannot start (wrong path in systemd service file) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 959176: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959176 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gammu-smsd Version: 1.41.0-1 Severity: grave Tags: patch Dear maintainer, The current version (1.41.0-1) of gammu-smsd cannot start the service because the systemd service file installed in the package uses cmake substitutions, so instead of "/usr/bin", the service file has "${CMAKE_INSTALL_FULL_BINDIR}". This variable is supposed to be substituted during package build, but currently it's not, because the configure script does not find systemd and thus, does not install the modified file; also, dh-install is instructed to take the unmodified file from sources. The correct way to fix this is to make systemd detectable by the configure script, and use the modified file installed by the build system instead of the unmodified file from sources. Here is a patch that does this: it adds systemd to the build dependencies so that the configure script can detect it, and instructs dh-install to use the file installed by the build system instead of the one from sources. Regards, -- Raphaël Halimi From 7073610f61db4309df5102536320a52a72f2c948 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Halimi?= Date: Thu, 30 Apr 2020 11:20:21 +0200 Subject: [PATCH] Fix systemd service file --- debian/control| 3 ++- debian/gammu-smsd.install | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/debian/control b/debian/control index 24a16f8..ac2fab8 100644 --- a/debian/control +++ b/debian/control @@ -19,7 +19,8 @@ Build-Depends: debhelper (>= 9.20160709), libdbi-dev, libbluetooth-dev [linux-any], libgudev-1.0-dev [linux-any], - libglib2.0-dev + libglib2.0-dev, + systemd Standards-Version: 4.5.0 Vcs-Browser: https://salsa.debian.org/debian/gammu Vcs-Git: https://salsa.debian.org/debian/gammu.git diff --git a/debian/gammu-smsd.install b/debian/gammu-smsd.install index 4abdaeb..1dd92a7 100644 --- a/debian/gammu-smsd.install +++ b/debian/gammu-smsd.install @@ -5,4 +5,4 @@ usr/share/man/man1/gammu-smsd* usr/share/man/man7/gammu-smsd* usr/share/man/man5/gammu-smsd* debian/gammu-smsdrc /etc/ -contrib/init/gammu-smsd.service lib/systemd/system/ +lib/systemd/system/gammu-smsd.service -- 2.26.2 signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: gammu Source-Version: 1.41.0-1.1 Done: Balint Reczey We believe that the bug you reported is fixed in the latest version of gammu, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 959...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Balint Reczey (supplier of updated gammu package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 21 May 2020 16:57:57 +0200 Source: gammu Architecture: source Version: 1.41.0-1.1 Distribution: unstable Urgency: medium Maintainer: Michal Čihař Changed-By: Balint Reczey Closes: 959176 Launchpad-Bugs-Fixed: 1874554 Changes: gammu (1.41.0-1.1) unstable; urgency=medium . [ Balint Reczey ] * Non-maintainer upload * Add Salsa CI configuration . [ Rolf Leggewie ] * Fix systemd service file (Closes: #959176) (LP: #1874554) * Build-depend on systemd to let CMake install the gammu-smsd service Checksums-Sha1: 32ecb56ce51ca6749d1745e6a8336ffbcc7b0447 2449 gammu_1.41.0-1.1.dsc 46b25cbf6eda93962289f2b799e2604b6a679035 12716 gammu_1.41.0-1.1.debian.tar.xz 6b36b1e456541c3d630172fbfde40a1bdf0450c2 12203 gammu_1.41.0-1.1_source.buildinfo Checksums-Sha256: 2b550a969f4351a36d35cb9dee191ba1fc2d659c6c9ea6cad6687967962d864e 2449 gammu_1.41.0-1.1.dsc 7f8256888ec7f0dae50b6e18c63487a43f30daf417e8264ee18ac15186da2cfa 12716 gammu_1.41.0-1.1.debian.tar.xz
Bug#956694: package should install usable headers by default
This also makes sopt ftbfs. Please patch ./include/spdlog/tweakme.h to set the expected default.
Bug#955578: marked as done (tryton-server breaks tryton-modules-purchase-request autopkgtest: trytond.exceptions.UserError: You can not write in this document!)
Your message dated Thu, 21 May 2020 16:47:52 +0200 with message-id <20200521164752.44531...@monsterix.mbehrle.de> and subject line Re: Bug#955578: tryton-server breaks tryton-modules-purchase-request autopkgtest: trytond.exceptions.UserError: You can not write in this document! has caused the Debian Bug report #955578, regarding tryton-server breaks tryton-modules-purchase-request autopkgtest: trytond.exceptions.UserError: You can not write in this document! to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 955578: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955578 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: tryton-server, tryton-modules-purchase-request Control: found -1 tryton-server/5.0.19-1 Control: found -1 tryton-modules-purchase-request/5.0.3-1 Severity: serious Tags: sid bullseye X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: breaks needs-update Dear maintainer(s), With a recent upload of tryton-server the autopkgtest of tryton-modules-purchase-request fails in testing when that autopkgtest is run with the binary packages of tryton-server from unstable. It passes when run with only packages from testing. In tabular form: passfail tryton-serverfrom testing5.0.19-1 tryton-modules-purchase-request from testing5.0.3-1 all others from testingfrom testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of tryton-server to testing [1]. Due to the nature of this issue, I filed this bug report against both packages. Can you please investigate the situation and reassign the bug to the right package? More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=tryton-server https://ci.debian.net/data/autopkgtest/testing/amd64/t/tryton-modules-purchase-request/4784546/log.gz == FAIL: /usr/lib/python3/dist-packages/trytond/modules/purchase_request/tests/scenario_purchase_request.rst Doctest: scenario_purchase_request.rst -- Traceback (most recent call last): File "/usr/lib/python3.8/doctest.py", line 2197, in runTest raise self.failureException(self.format_failure(new.getvalue())) AssertionError: Failed doctest test for scenario_purchase_request.rst File "/usr/lib/python3/dist-packages/trytond/modules/purchase_request/tests/scenario_purchase_request.rst", line 0 -- File "/usr/lib/python3/dist-packages/trytond/modules/purchase_request/tests/scenario_purchase_request.rst", line 170, in scenario_purchase_request.rst Failed example: create_purchase = Wizard('purchase.request.create_purchase', [pr]) Exception raised: Traceback (most recent call last): File "/usr/lib/python3.8/doctest.py", line 1329, in __run exec(compile(example.source, filename, "single", File "", line 1, in create_purchase = Wizard('purchase.request.create_purchase', File "/usr/lib/python3/dist-packages/proteus/__init__.py", line 1169, in __init__ self.execute(self.start_state) File "/usr/lib/python3/dist-packages/proteus/__init__.py", line 1195, in execute result = self._proxy.execute(self.session_id, data, self.state, File "/usr/lib/python3/dist-packages/proteus/config.py", line 195, in __call__ result = rpc.result(meth(*args, **kwargs)) File "/usr/lib/python3/dist-packages/trytond/wizard/wizard.py", line 280, in execute cls.check_access() File "/usr/lib/python3/dist-packages/trytond/wizard/wizard.py", line 242, in check_access ModelAccess.check(model, 'write') File "/usr/lib/python3/dist-packages/trytond/ir/model.py", line 522, in check cls.raise_user_error(mode, model_name) File "/usr/lib/python3/dist-packages/trytond/error.py", line 74, in raise_user_error raise UserError(error) trytond.exceptions.UserError: You can not write in this document! (purchase.request) - signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Fixed in version tryton-modules-stock-supply/5.0.5-1--- End Message ---
Bug#955580: marked as done (tryton-server breaks tryton-modules-stock-supply autopkgtest: trytond.exceptions.UserError: You can not write in this document!)
Your message dated Thu, 21 May 2020 16:46:40 +0200 with message-id <20200521164640.53fbe...@monsterix.mbehrle.de> and subject line Re: Bug#955580: tryton-server breaks tryton-modules-stock-supply autopkgtest: trytond.exceptions.UserError: You can not write in this document! has caused the Debian Bug report #955580, regarding tryton-server breaks tryton-modules-stock-supply autopkgtest: trytond.exceptions.UserError: You can not write in this document! to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 955580: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955580 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: tryton-server, tryton-modules-stock-supply Control: found -1 tryton-server/5.0.19-1 Control: found -1 tryton-modules-stock-supply/5.0.4-1 Severity: serious Tags: sid bullseye X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: breaks needs-update Dear maintainer(s), With a recent upload of tryton-server the autopkgtest of tryton-modules-stock-supply fails in testing when that autopkgtest is run with the binary packages of tryton-server from unstable. It passes when run with only packages from testing. In tabular form: passfail tryton-serverfrom testing5.0.19-1 tryton-modules-stock-supply from testing5.0.4-1 all others from testingfrom testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of tryton-server to testing [1]. Due to the nature of this issue, I filed this bug report against both packages. Can you please investigate the situation and reassign the bug to the right package? More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=tryton-server https://ci.debian.net/data/autopkgtest/testing/amd64/t/tryton-modules-stock-supply/4784547/log.gz == FAIL: /usr/lib/python3/dist-packages/trytond/modules/stock_supply/tests/scenario_stock_supply_purchase_request.rst Doctest: scenario_stock_supply_purchase_request.rst -- Traceback (most recent call last): File "/usr/lib/python3.8/doctest.py", line 2197, in runTest raise self.failureException(self.format_failure(new.getvalue())) AssertionError: Failed doctest test for scenario_stock_supply_purchase_request.rst File "/usr/lib/python3/dist-packages/trytond/modules/stock_supply/tests/scenario_stock_supply_purchase_request.rst", line 0 -- File "/usr/lib/python3/dist-packages/trytond/modules/stock_supply/tests/scenario_stock_supply_purchase_request.rst", line 167, in scenario_stock_supply_purchase_request.rst Failed example: create_purchase = Wizard('purchase.request.create_purchase', [pr]) Exception raised: Traceback (most recent call last): File "/usr/lib/python3.8/doctest.py", line 1329, in __run exec(compile(example.source, filename, "single", File "", line 1, in create_purchase = Wizard('purchase.request.create_purchase', [pr]) File "/usr/lib/python3/dist-packages/proteus/__init__.py", line 1169, in __init__ self.execute(self.start_state) File "/usr/lib/python3/dist-packages/proteus/__init__.py", line 1195, in execute result = self._proxy.execute(self.session_id, data, self.state, File "/usr/lib/python3/dist-packages/proteus/config.py", line 195, in __call__ result = rpc.result(meth(*args, **kwargs)) File "/usr/lib/python3/dist-packages/trytond/wizard/wizard.py", line 280, in execute cls.check_access() File "/usr/lib/python3/dist-packages/trytond/wizard/wizard.py", line 242, in check_access ModelAccess.check(model, 'write') File "/usr/lib/python3/dist-packages/trytond/ir/model.py", line 522, in check cls.raise_user_error(mode, model_name) File "/usr/lib/python3/dist-packages/trytond/error.py", line 74, in raise_user_error raise UserError(error) trytond.exceptions.UserError: You can not write in this document! (purchase.request) - signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- fixed in tryton-modules-purchase-request/5.0.4-1--- End Message ---
Bug#961209: marked as done (tomcat9: CVE-2020-9484)
Your message dated Thu, 21 May 2020 14:36:20 + with message-id and subject line Bug#961209: fixed in tomcat9 9.0.35-1 has caused the Debian Bug report #961209, regarding tomcat9: CVE-2020-9484 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 961209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961209 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: tomcat9 Version: 9.0.34-1 Severity: grave Tags: security upstream Justification: user security hole Control: found -1 9.0.31-1~deb10u1 Control: found -1 9.0.16-4 Hi, The following vulnerability was published for tomcat9. CVE-2020-9484[0]: | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to | 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able | to control the contents and name of a file on the server; and b) the | server is configured to use the PersistenceManager with a FileStore; | and c) the PersistenceManager is configured with | sessionAttributeValueClassNameFilter="null" (the default unless a | SecurityManager is used) or a sufficiently lax filter to allow the | attacker provided object to be deserialized; and d) the attacker knows | the relative file path from the storage location used by FileStore to | the file the attacker has control over; then, using a specifically | crafted request, the attacker will be able to trigger remote code | execution via deserialization of the file under their control. Note | that all of conditions a) to d) must be true for the attack to | succeed. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-9484 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484 [1] https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35 Regards, Salvatore --- End Message --- --- Begin Message --- Source: tomcat9 Source-Version: 9.0.35-1 Done: Emmanuel Bourg We believe that the bug you reported is fixed in the latest version of tomcat9, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 961...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Emmanuel Bourg (supplier of updated tomcat9 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 21 May 2020 15:50:03 +0200 Source: tomcat9 Architecture: source Version: 9.0.35-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers Changed-By: Emmanuel Bourg Closes: 961209 Changes: tomcat9 (9.0.35-1) unstable; urgency=medium . * New upstream release - Fixes CVE-2020-9484: Remote Code Execution via session persistence (Closes: #961209) - Refreshed the patches Checksums-Sha1: ce85823e1fe4ba757e639ca3bdeb6b6db6cf321a 2737 tomcat9_9.0.35-1.dsc dfd5dd2f5ed57ada9d95e5738b27fc487bc32706 3903000 tomcat9_9.0.35.orig.tar.xz 02fd85eb1833d4f3b6fe015151060250741acd20 33348 tomcat9_9.0.35-1.debian.tar.xz f2ecd1414cf937f54b01b265fed9d6f9fe4dbf16 12023 tomcat9_9.0.35-1_source.buildinfo Checksums-Sha256: ec605bfa3ab61fb8ed0d371a52e90d97083ddc9f5605895f4048edcc874fcd8d 2737 tomcat9_9.0.35-1.dsc 5c6ed35d2ef635c4e3cea63649f2f36050cd24eca46b10a29f58ae14a0d114c0 3903000 tomcat9_9.0.35.orig.tar.xz d7a73d083ca8dec6cf851238867fe52d84c0bf59b5291640e92d878adb2197f4 33348 tomcat9_9.0.35-1.debian.tar.xz 6b9a69b2d4365f8671d55e4199543f64e8e5058aafcccde797e2dbda49075174 12023 tomcat9_9.0.35-1_source.buildinfo Files: b6af53095e5b8d51cba1aa966674c946 2737 java optional tomcat9_9.0.35-1.dsc 483e1840c38d436cdf7722f6789728b1 3903000 java optional tomcat9_9.0.35.orig.tar.xz db7dc088cfaec9fb21d06e6d73ae9cd0 33348 java optional tomcat9_9.0.35-1.debian.tar.xz 230de0b65d9c1fd9318044bbe63f4e52 12023 java optional tomcat9_9.0.35-1_source.buildinfo -BEGIN PGP SIGNATURE- iQJGBAEBCgAwFiEEuM5N4hCA3PkD4WxA9RPEGeS50KwFAl7Gh18SHGVib3VyZ0Bh cGFjaGUub3JnAAoJEPUTxBnkudCsVy4QAIDdBAb3gx7+rAZuI28mhJ000YV6Mf6K SdGcZ8LFuG6QqBzLiVaQwLkyujt8L6FH3uI9MltVwsjxkQC1bkR6zJDOmu6E8q4Q
Bug#961201: ceph-common does not include /usr/bin/ceph-crush-location (but it should)
severity 961201 minor thanks > Starting ceph's osd via /etc/init.d/ceph fails, because the init script > refers to ceph-crush-location, does not find it and exits 2. The init script from the package does not call this command. Actually the command was removed from ceph in 2018. > Note: the manpage for this binary is included, the binary itself is > missing. I'll remove it. > This is tested on Devuan Beowulf, but any ceph operation also on systemd > based distros that require ceph-crush-location will fail. Doesn't exist, can't be required. I'd assume you've configured something that is not supported anymore. Bernd -- Bernd ZeimetzDebian GNU/Linux Developer http://bzed.dehttp://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F
Processed: Bug#961201: ceph-common does not include /usr/bin/ceph-crush-location (but it should)
Processing commands for cont...@bugs.debian.org: > severity 961201 minor Bug #961201 [ceph-common] ceph-common does not include /usr/bin/ceph-crush-location (but it should) Severity set to 'minor' from 'grave' > thanks Stopping processing here. Please contact me if you need assistance. -- 961201: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961201 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961216: inkscape: symbol resolution problem
Package: inkscape Version: 1.0-1 Severity: grave Justification: renders package unusable $ inkscape inkscape: symbol lookup error: /usr/bin/../lib/x86_64-linux-gnu/inkscape/libinkscape_base.so: undefined symbol: _ZN3Gio11Application35set_option_context_parameter_stringERKN4Glib7ustringE $ ldd `which inkscape` linux-vdso.so.1 (0x7ffe1491c000) libinkscape_base.so => /usr/bin/../lib/x86_64-linux-gnu/inkscape/libinkscape_base.so (0x7f7edc1a6000) libglib-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x7f7edc049000) libgtkmm-3.0.so.1 => /usr/lib/x86_64-linux-gnu/libgtkmm-3.0.so.1 (0x7f7edbab) libgiomm-2.4.so.1 => /usr/lib/x86_64-linux-gnu/libgiomm-2.4.so.1 (0x7f7edb6fa000) libglibmm-2.4.so.1 => /usr/lib/x86_64-linux-gnu/libglibmm-2.4.so.1 (0x7f7edb476000) libgtk-3.so.0 => /usr/lib/x86_64-linux-gnu/libgtk-3.so.0 (0x7f7edacdf000) libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x7f7edab1) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7f7eda94d000) libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x7f7eda933000) libpangocairo-1.0.so.0 => /usr/lib/x86_64-linux-gnu/libpangocairo-1.0.so.0 (0x7f7eda922000) libcairo.so.2 => /usr/lib/x86_64-linux-gnu/libcairo.so.2 (0x7f7eda802000) libpangoft2-1.0.so.0 => /usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0 (0x7f7eda7ea000) libpango-1.0.so.0 => /usr/lib/x86_64-linux-gnu/libpango-1.0.so.0 (0x7f7eda79a000) libharfbuzz.so.0 => /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0 (0x7f7eda695000) libfontconfig.so.1 => /usr/lib/x86_64-linux-gnu/libfontconfig.so.1 (0x7f7eda64f000) libfreetype.so.6 => /usr/lib/x86_64-linux-gnu/libfreetype.so.6 (0x7f7eda59) libgsl.so.25 => /usr/lib/x86_64-linux-gnu/libgsl.so.25 (0x7f7eda2bf000) libgmodule-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0 (0x7f7eda2b9000) libsoup-2.4.so.1 => /usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1 (0x7f7eda21b000) libgio-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 (0x7f7eda043000) libgobject-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0 (0x7f7ed9fe4000) liblcms2.so.2 => /usr/lib/x86_64-linux-gnu/liblcms2.so.2 (0x7f7ed9f87000) libgc.so.1 => /usr/lib/x86_64-linux-gnu/libgc.so.1 (0x7f7ed9f1) libpoppler.so.82 => /usr/lib/x86_64-linux-gnu/libpoppler.so.82 (0x7f7ed9c1f000) libpoppler-glib.so.8 => /usr/lib/x86_64-linux-gnu/libpoppler-glib.so.8 (0x7f7ed9bc2000) libwpg-0.3.so.3 => /usr/lib/x86_64-linux-gnu/libwpg-0.3.so.3 (0x7f7ed99a7000) librevenge-0.0.so.0 => /usr/lib/x86_64-linux-gnu/librevenge-0.0.so.0 (0x7f7ed977c000) librevenge-stream-0.0.so.0 => /usr/lib/x86_64-linux-gnu/librevenge-stream-0.0.so.0 (0x7f7ed955e000) libvisio-0.1.so.1 => /usr/lib/x86_64-linux-gnu/libvisio-0.1.so.1 (0x7f7ed92bb000) libcdr-0.1.so.1 => /usr/lib/x86_64-linux-gnu/libcdr-0.1.so.1 (0x7f7ed9022000) libjpeg.so.62 => /usr/lib/x86_64-linux-gnu/libjpeg.so.62 (0x7f7ed8db7000) libpng16.so.16 => /usr/lib/x86_64-linux-gnu/libpng16.so.16 (0x7f7ed8d7e000) libpotrace.so.0 => /usr/lib/x86_64-linux-gnu/libpotrace.so.0 (0x7f7ed8b76000) libdbus-glib-1.so.2 => /usr/lib/x86_64-linux-gnu/libdbus-glib-1.so.2 (0x7f7ed894e000) libatkmm-1.6.so.1 => /usr/lib/x86_64-linux-gnu/libatkmm-1.6.so.1 (0x7f7ed8701000) libgdkmm-3.0.so.1 => /usr/lib/x86_64-linux-gnu/libgdkmm-3.0.so.1 (0x7f7ed86a5000) libpangomm-1.4.so.1 => /usr/lib/x86_64-linux-gnu/libpangomm-1.4.so.1 (0x7f7ed867) libcairomm-1.0.so.1 => /usr/lib/x86_64-linux-gnu/libcairomm-1.0.so.1 (0x7f7ed844a000) libsigc-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libsigc-2.0.so.0 (0x7f7ed8243000) libgdl-3.so.5 => /usr/lib/x86_64-linux-gnu/libgdl-3.so.5 (0x7f7ed820e000) libgdk-3.so.0 => /usr/lib/x86_64-linux-gnu/libgdk-3.so.0 (0x7f7ed810f000) libgdk_pixbuf-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0 (0x7f7ed80e8000) libgtkspell3-3.so.0 => /usr/lib/x86_64-linux-gnu/libgtkspell3-3.so.0 (0x7f7ed7edc000) libxslt.so.1 => /usr/lib/x86_64-linux-gnu/libxslt.so.1 (0x7f7ed7e9a000) libxml2.so.2 => /usr/lib/x86_64-linux-gnu/libxml2.so.2 (0x7f7ed7ce1000) libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x7f7ed7ac3000) libMagick++-6.Q16.so.8 => /usr/lib/x86_64-linux-gnu/libMagick++-6.Q16.so.8 (0x7f7ed7a35000) libX11.so.6 => /usr/lib/x86_64-linux-gnu/libX11.so.6 (0x7f7ed78f3000) libdouble-conversion.so.3 => /usr/lib/x86_64-linux-gnu/libdouble-conversion.so.3 (0x7f7ed78da000) libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x7f7ed7795000) libgomp.so.1 => /usr/lib/x86_64-linux-gnu/libgomp.so.1 (0x7f7ed7755000) libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x7f7ed76e1000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x7f7ed76c) libXi.so.6 => /usr/lib/x86_64-linux-gnu/libXi.so.6 (0x7f7ed74ae000) libXfixes.so.3 => /usr/lib/x86_64-linux-gnu/libXfixes.so.3 (0x7f7ed72a8000) libcairo-gobject.so.2 =>
Bug#938544: sphinx-patchqueue: Python2 removal in sid/bullseye
On Thursday, 21 May 2020 9:56:11 PM AEST Julien Cristau wrote: > mercurial in experimental is built for python3, is there a chance you > could test sphinx-patchqueue with it before I upload to sid? Sorry I can't quite get to it yet... Please upload, don't wait for me. -- Best wishes, Dmitry Smirnov. --- There is nothing more odious than the majority. It consist of a few powerful men who lead the way; of accommodating rascals and submissive weaklings; and of a mass of men who trot after them without in the least knowing their own minds. -- Johann Wolfgang von Goethe signature.asc Description: This is a digitally signed message part.
Bug#961211: r-cran-lwgeom: autopkgtest failures on s390x
Source: r-cran-lwgeom Version: 0.2-3-1 Severity: serious Hello, looks like some changes in r-cran-lwgeom/proj/geom made the testsuite fail with the latest versions of the programs in sid. Looks like an endianess regression introduced in the last version fo lwgeom, can you please have a look? I'm attaching a log taken from a test on zelenka.debian.org thanks Gianfranco BEGIN TEST azimuth.R R version 4.0.0 (2020-04-24) -- "Arbor Day" Copyright (C) 2020 The R Foundation for Statistical Computing Platform: s390x-ibm-linux-gnu (64-bit) R is free software and comes with ABSOLUTELY NO WARRANTY. You are welcome to redistribute it under certain conditions. Type 'license()' or 'licence()' for distribution details. R is a collaborative project with many contributors. Type 'contributors()' for more information and 'citation()' on how to cite R or R packages in publications. Type 'demo()' for some demos, 'help()' for on-line help, or 'help.start()' for an HTML browser interface to help. Type 'q()' to quit R. > suppressPackageStartupMessages(library(sf)) > suppressPackageStartupMessages(library(lwgeom)) > p = st_sfc(st_point(c(7,52)), st_point(c(8,53)), crs = 4326) > st_geod_azimuth(p) Unknown WKB type (248)! Full WKB type number was (16777248). Error in CPL_geodetic_azimuth(st_geometry(x), p$SemiMajor, p$InvFlattening) : lwgeom error Calls: st_geod_azimuth -> CPL_geodetic_azimuth Execution halted BEGIN TEST dist.R R version 4.0.0 (2020-04-24) -- "Arbor Day" Copyright (C) 2020 The R Foundation for Statistical Computing Platform: s390x-ibm-linux-gnu (64-bit) R is free software and comes with ABSOLUTELY NO WARRANTY. You are welcome to redistribute it under certain conditions. Type 'license()' or 'licence()' for distribution details. R is a collaborative project with many contributors. Type 'contributors()' for more information and 'citation()' on how to cite R or R packages in publications. Type 'demo()' for some demos, 'help()' for on-line help, or 'help.start()' for an HTML browser interface to help. Type 'q()' to quit R. > suppressPackageStartupMessages(library(sf)) > library(sp) > suppressPackageStartupMessages(library(units)) > library(geosphere) > > x = st_sfc( + st_point(c(0,0)), + st_point(c(1,0)), + st_point(c(2,0)), + st_point(c(3,0)), + crs = 4326 + ) > > y = st_sfc( + st_point(c(0,10)), + st_point(c(1,0)), + st_point(c(2,0)), + st_point(c(3,0)), + st_point(c(4,0)), + crs = 4326 + ) > > st_crs(y) = 4326 > st_crs(x) = 4326 > (d.sf = st_distance(x, y)) Error in CPL_geodetic_distance(st_geometry(x), st_geometry(y), p$SemiMajor, : Unknown WKB type (248)! Full WKB type number was (16777248). Calls: st_distance -> -> CPL_geodetic_distance Execution halted BEGIN TEST geod.R R version 4.0.0 (2020-04-24) -- "Arbor Day" Copyright (C) 2020 The R Foundation for Statistical Computing Platform: s390x-ibm-linux-gnu (64-bit) R is free software and comes with ABSOLUTELY NO WARRANTY. You are welcome to redistribute it under certain conditions. Type 'license()' or 'licence()' for distribution details. R is a collaborative project with many contributors. Type 'contributors()' for more information and 'citation()' on how to cite R or R packages in publications. Type 'demo()' for some demos, 'help()' for on-line help, or 'help.start()' for an HTML browser interface to help. Type 'q()' to quit R. > ### Name: lw_geodetic > ### Title: geodetic length, area, and predicates > ### Aliases: lw_geodetic st_geod_area lw_geodetic st_geod_length > ### lw_geodetic st_geod_segmentize lw_geodetic st_geod_covers > > ### ** Examples > > suppressPackageStartupMessages(library(sf)) > suppressPackageStartupMessages(library(lwgeom)) > suppressPackageStartupMessages(library(units)) > nc = st_read(system.file("gpkg/nc.gpkg", package="sf"), quiet = TRUE) > st_geod_area(nc[1:3,]) Unknown WKB type (296)! Full WKB type number was (100663296). Error in CPL_geodetic_area(st_geometry(x), p$SemiMajor, p$InvFlattening) : lwgeom error Calls: st_geod_area -> CPL_geodetic_area Execution halted BEGIN TEST perimeter.R R version 4.0.0 (2020-04-24) -- "Arbor Day" Copyright (C) 2020 The R Foundation for Statistical Computing Platform: s390x-ibm-linux-gnu (64-bit) R is free software and comes with ABSOLUTELY NO WARRANTY. You are welcome to redistribute it under certain conditions. Type 'license()' or 'licence()' for distribution details. R is a collaborative project with many contributors. Type 'contributors()' for more information and 'citation()' on how to cite R or R packages in publications. Type 'demo()' for some demos, 'help()' for on-line help, or 'help.start()' for an HTML browser interface to help. Type 'q()' to quit R. > suppressPackageStartupMessages(library(lwgeom)) > suppressPackageStartupMessages(library(sf)) > nc = st_read(system.file("gpkg/nc.gpkg", package="sf"), quiet = TRUE) > nc = st_transform(nc, 3857) > st_perimeter(nc)[1:5] Unknown WKB type (328)! Full WKB type number was (100663328). Error in
Bug#961209: tomcat9: CVE-2020-9484
Source: tomcat9 Version: 9.0.34-1 Severity: grave Tags: security upstream Justification: user security hole Control: found -1 9.0.31-1~deb10u1 Control: found -1 9.0.16-4 Hi, The following vulnerability was published for tomcat9. CVE-2020-9484[0]: | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to | 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able | to control the contents and name of a file on the server; and b) the | server is configured to use the PersistenceManager with a FileStore; | and c) the PersistenceManager is configured with | sessionAttributeValueClassNameFilter="null" (the default unless a | SecurityManager is used) or a sufficiently lax filter to allow the | attacker provided object to be deserialized; and d) the attacker knows | the relative file path from the storage location used by FileStore to | the file the attacker has control over; then, using a specifically | crafted request, the attacker will be able to trigger remote code | execution via deserialization of the file under their control. Note | that all of conditions a) to d) must be true for the attack to | succeed. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-9484 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484 [1] https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35 Regards, Salvatore
Processed: tomcat9: CVE-2020-9484
Processing control commands: > found -1 9.0.31-1~deb10u1 Bug #961209 [src:tomcat9] tomcat9: CVE-2020-9484 Marked as found in versions tomcat9/9.0.31-1~deb10u1. > found -1 9.0.16-4 Bug #961209 [src:tomcat9] tomcat9: CVE-2020-9484 Marked as found in versions tomcat9/9.0.16-4. -- 961209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961209 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961207: libgraphics-colorobject-perl: FTBFS: Cannot load color naming scheme module Graphics::ColorNames::HTML
Source: libgraphics-colorobject-perl Version: 0.5.0-9 Severity: serious This package failed to build on the arch:all autobuilder. https://buildd.debian.org/status/fetch.php?pkg=libgraphics-colorobject-perl=all=0.5.0-9=1590030764=0 # Failed test 'use Graphics::ColorObject;' # at t/01load.t line 2. # Tried to use 'Graphics::ColorObject'. # Error: Cannot load color naming scheme module Graphics::ColorNames::HTML at /<>/blib/lib/Graphics/ColorObject.pm line 2096. # Compilation failed in require at t/01load.t line 2. # BEGIN failed--compilation aborted at t/01load.t line 2. # Looks like you failed 1 test of 1. -- Niko Tyni nt...@debian.org
Bug#938544: sphinx-patchqueue: Python2 removal in sid/bullseye
Hi Dmitry, mercurial in experimental is built for python3, is there a chance you could test sphinx-patchqueue with it before I upload to sid? Thanks, Julien
Processed: affects 956694
Processing commands for cont...@bugs.debian.org: > affects 956694 src:lizardfs Bug #956694 [libspdlog-dev] spdlog refers to header files that it does not ship Added indication that 956694 affects src:lizardfs > thanks Stopping processing here. Please contact me if you need assistance. -- 956694: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956694 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961203: ensmallen FTBFS on armel/armhf/mipsel: test failure
Source: ensmallen Version: 2.12.1-1 Severity: serious Tags: ftbfs https://buildd.debian.org/status/package.php?p=ensmallen=sid ... 0.000 s: ProgressBarCallbackNoMaxIterationsTest 0.000 s: ProgressBarCallbackNoMaxIterationsEpochTest 0.000 s: ProgressBarCallbackEpochTest 0.011 s: SimpleTestFunction 0.070 s: CMAESLogisticRegressionTest 0.037 s: ApproxCMAESLogisticRegressionTest 0.064 s: CMAESLogisticRegressionFMatTest 0.028 s: ApproxCMAESLogisticRegressionFMatTest 4.512 s: CNELogisticRegressionTest 2.569 s: CNELogisticRegressionFMatTest 0.815 s: CNECrossInTrayFunctionTest 0.775 s: CNEAckleyFunctionTest 0.727 s: CNEBealeFunctionTest 0.756 s: CNEGoldsteinPriceFunctionTest 0.899 s: CNELevyFunctionN13Test 0.004 s: CNEHimmelblauFunctionTest 0.805 s: CNEThreeHumpCamelFunctionTest 0.866 s: CNESchafferFunctionN4Test 0.812 s: CNESchafferFunctionN2Test 0.237 s: DELogisticRegressionTest 0.131 s: DELogisticRegressionFMatTest 0.422 s: EveSGDFunction 0.853 s: EveLogisticRegressionTest 0.004 s: EveSphereFunctionTest 0.005 s: EveStyblinskiTangFunctionTest 0.004 s: EveStyblinskiTangFunctionFMatTest 0.038 s: EveStyblinskiTangFunctionSpMatTest 0.000 s: FWOMPTest 0.000 s: FWRegularizedOMP 0.000 s: FWPruneSupportOMP 0.000 s: FWAtomNormConstraint 0.060 s: ClassicFW 0.043 s: ClassicFWFMat 0.000 s: FWLineSearch 0.068 s: FWLineSearchFMat 1.004 s: FTMLSGDFunction 0.178 s: FTMLLogisticRegressionTest 0.078 s: FTMLSphereFunctionTest 0.049 s: FTMLStyblinskiTangFunctionTest 0.047 s: FTMLStyblinskiTangFunctionFMatTest 0.000 s: AddEvaluateWithGradientEmptyTest 0.000 s: AddEvaluateWithGradientEvaluateOnlyTest 0.000 s: AddEvaluateWithGradientGradientOnlyTest 0.000 s: AddEvaluateWithGradientBothTest 0.000 s: AddEvaluateWithGradientEvaluateWithGradientTest 0.000 s: AddEvaluateWithGradientAllThreeTest 0.000 s: LogisticRegressionEvaluateWithGradientTest 0.000 s: SDPTest 0.000 s: AddSeparableEvaluateWithGradientEmptyTest 0.000 s: AddSeparableEvaluateWithGradientEvaluateOnlyTest 0.000 s: AddSeparableEvaluateWithGradientGradientOnlyTest 0.000 s: AddSeparableEvaluateWithGradientBothTest 0.000 s: AddSeparableEvaluateWGradientEvaluateWithGradientTest 0.000 s: AddSeparableEvaluateWithGradientAllThreeTest 0.000 s: AddEvaluateWithGradientMixedTypesTest 0.000 s: AddEvaluateWithGradientMixedTypesStaticTest 0.000 s: SeparableFunctionTypeCheckTest 0.000 s: LagrangianFunctionTypeCheckTest 0.000 s: SparseFunctionTypeCheckTest 0.000 s: ResolvableFunctionTypeCheckTest 0.000 s: SimpleGDTestFunction 0.004 s: GDRosenbrockTest 0.003 s: GDRosenbrockFMatTest 0.000 s: GridSearchTest 0.000 s: GridSearchFMatTest 0.000 s: GridSearchIMatTest 0.034 s: IQNLogisticRegressionTest 0.053 s: IQNLogisticRegressionFMatTest 0.306 s: KatyushaLogisticRegressionTest 0.307 s: KatyushaProximalLogisticRegressionTest 0.271 s: KatyushaLogisticRegressionFMatTest 0.271 s: KatyushaProximalLogisticRegressionFMatTest 14.542 s: KatyushaLogisticRegressionSpMatTest 14.549 s: KatyushaProximalLogisticRegressionSpMatTest 0.000 s: RosenbrockFunctionTest 0.000 s: RosenbrockFunctionFloatTest 0.001 s: RosenbrockFunctionSpGradTest 0.001 s: RosenbrockFunctionSpMatTest 0.000 s: ColvilleFunctionTest 0.000 s: WoodFunctionTest 0.634 s: GeneralizedRosenbrockFunctionTest 0.001 s: RosenbrockWoodFunctionTest 0.000 s: FuncFWTest 0.000 s: FuncFWFMatTest 0.000 s: LookaheadAdamSphereFunctionTest 0.258 s: LookaheadAdamSimpleSGDTestFunction 0.001 s: LookaheadAdaGradSphereFunction 0.196 s: LookaheadAdamLogisticRegressionTest 0.219 s: LookaheadAdamSimpleSGDTestFunctionFloat 4.043 s: Johnson844LovaszThetaSDP 2.606 s: Johnson844LovaszThetaFMatSDP 5.477 s: ErdosRenyiRandomGraphMaxCutSDP 32.619 s: GaussianMatrixSensingSDP 2.265 s: MomentumSGDSpeedUpTestFunction 3.573 s: MomentumSGDGeneralizedRosenbrockTest 14.175 s: MomentumSGDGeneralizedRosenbrockFMatTest 41.743 s: MomentumSGDGeneralizedRosenbrockSpMatTest 1.611 s: NesterovMomentumSGDSpeedUpTestFunction 4.981 s: NesterovMomentumSGDGeneralizedRosenbrockTest 2.113 s: NesterovMomentumSGDGeneralizedRosenbrockFMatTest 76.503 s: NesterovMomentumSGDGeneralizedRosenbrockSpMatTest 0.000 s: ExponentialBackoffDecayTest 0.008 s: ProjectToL1 0.044 s: ProjectToL0 0.021 s: LBestPSOSphereFunctionTest 0.021 s: LBestPSOSphereFunctionFMatTest 0.262 s: LBestPSORosenbrockTest 0.233 s: LBestPSORosenbrockFMatTest 0.418 s: LBestPSORosenbrockDoubleTest 0.173 s: LBestPSOCrossInTrayFunctionTest 0.020 s: LBestPSOAckleyFunctionTest 0.016 s: LBestPSOBealeFunctionTest 0.013 s: LBestPSOGoldsteinPriceFunctionTest 0.019 s: LBestPSOLevyFunctionN13Test 0.011 s: LBestPSOHimmelblauFunctionTest 0.018 s: LBestPSOThreeHumpCamelFunctionTest 0.119 s: LBestPSOSchafferFunctionN2Test 0.313 s: QHSGDTestFunction 0.482 s: QHSGDFMatTestFunction 20.796 s: QHSGDSpMatTestFunction 9.989 s: QHSGDSGDGeneralizedRosenbrockTest 3.523 s: RMSPropSGDFunction 0.075 s: RMSPropLogisticRegressionTest 0.070 s: RMSPropLogisticRegressionFMatTest 3.881 s: RMSPropLogisticRegressionSpMatTest 0.066 s: SAGeneralizedRosenbrockTest 0.015 s:
Bug#961201: ceph-common does not include /usr/bin/ceph-crush-location (but it should)
Package: ceph-common Version: 14.2.9-1~bpo10+1 Severity: grave Justification: renders package unusable Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? Installing ceph * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? Starting ceph's osd via /etc/init.d/ceph fails, because the init script refers to ceph-crush-location, does not find it and exits 2. Note: the manpage for this binary is included, the binary itself is missing. This is tested on Devuan Beowulf, but any ceph operation also on systemd based distros that require ceph-crush-location will fail. *** End of the template - remove these template lines *** -- System Information: Distributor ID: Debian Description:Devuan GNU/Linux 3 (beowulf) Release:3 Codename: beowulf Architecture: x86_64 Kernel: Linux 4.9.0-4-amd64 (SMP w/16 CPU cores) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages ceph-common depends on: ii libaio1 0.3.112-3 ii libbabeltrace1 1.5.6-2+deb10u1 ii libblkid1 2.33.1-0.1+devuan1~beowulf2 ii libboost-coroutine1.67.01.67.0-13+deb10u1 ii libboost-program-options1.67.0 1.67.0-13+deb10u1 ii libboost-system1.67.0 1.67.0-13+deb10u1 ii libboost-thread1.67.0 1.67.0-13+deb10u1 ii libc6 2.28-10 ii libcap-ng0 0.7.9-2 ii libcephfs2 14.2.9-1~bpo10+1 ii libcurl3-gnutls 7.64.0-4+deb10u1 ii libeudev1 [libudev1]3.2.7-6 ii libexpat1 2.2.6-2+deb10u1 ii libgcc1 1:8.3.0-6 ii libgoogle-perftools42.7-1 ii libkeyutils11.6-6 ii libldap-2.4-2 2.4.47+dfsg-3+deb10u2 ii libleveldb1d1.20-2.1 ii liblz4-11.8.3-1 ii libncurses6 6.1+20181013-2+deb10u2 ii libnspr42:4.20-1 ii libnss3 2:3.42.1-1+deb10u2 ii liboath02.6.1-1.3 ii librabbitmq40.9.0-0.2 ii librados2 14.2.9-1~bpo10+1 ii libradosstriper114.2.9-1~bpo10+1 ii librbd1 14.2.9-1~bpo10+1 ii libsnappy1v51.1.7-1 ii libssl1.1 1.1.1d-0+deb10u3 ii libstdc++6 8.3.0-6 ii libtinfo6 6.1+20181013-2+deb10u2 ii libudev11:3.2.7+devuan1.1 ii python3 3.7.3-1 ii python3-cephfs 14.2.9-1~bpo10+1 ii python3-prettytable 0.7.2-4 ii python3-rados 14.2.9-1~bpo10+1 ii python3-rbd 14.2.9-1~bpo10+1 ii python3-requests2.21.0-1 ii zlib1g 1:1.2.11.dfsg-1 ceph-common recommends no packages. Versions of packages ceph-common suggests: ii ceph 14.2.9-1~bpo10+1 pn ceph-mds -- no debconf information -- Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch
Bug#960073: Package:python-pyqt5 Run the example code with Trace and crash (SIGABRT)
Control: tags -1 moreinfo Hi! On Sat, May 09, 2020 at 10:48:42AM +0800, pengzongli wrote: > When ever I run the example code on the arm machine, It results in the error > below: > > / Could not initialize GLX/ > /Aborted (core dumped)/ > but when I run the same example code on the x86 machine(Debian 8.3.0-6), > there is no error. This is because the OpenGL hardware/drivers are different on ARM and x86. I think I have seen similar issues before with old Qt versions. Can you please check the following two things: - Whether installing libglvnd-dev package helps? - Whether exporting QT_XCB_GL_INTEGRATION=xcb_egl environment variable helps? -- Dmitry Shachnev signature.asc Description: PGP signature
Processed: Re: Bug#960073: Package:python-pyqt5 Run the example code with Trace and crash (SIGABRT)
Processing control commands: > tags -1 moreinfo Bug #960073 [python-pyqt5] Package:python-pyqt5 Run the example code with Trace and crash (SIGABRT) Added tag(s) moreinfo. -- 960073: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960073 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961060: marked as done (qmail-verify: CVE-2020-3811 CVE-2020-3812)
Your message dated Thu, 21 May 2020 09:20:00 + with message-id and subject line Bug#961060: fixed in netqmail 1.06-6.2 has caused the Debian Bug report #961060, regarding qmail-verify: CVE-2020-3811 CVE-2020-3812 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 961060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961060 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: netqmail Version: 1.06-6.1 Severity: grave Tags: security upstream Justification: user security hole Control: found -1 1.06-6 Control: found -1 1.06-5 Hi See https://www.openwall.com/lists/oss-security/2020/05/19/8 for the Qualys advisory covering CVE-2020-3811 and CVE-2020-3812. Regards, Salvatore --- End Message --- --- Begin Message --- Source: netqmail Source-Version: 1.06-6.2 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of netqmail, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 961...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated netqmail package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 20 May 2020 22:23:21 +0200 Source: netqmail Architecture: source Version: 1.06-6.2 Distribution: unstable Urgency: high Maintainer: Gerrit Pape Changed-By: Salvatore Bonaccorso Closes: 961060 Changes: netqmail (1.06-6.2) unstable; urgency=high . * Address CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811 and CVE-2020-3812 (Closes: #961060) Checksums-Sha1: 3e08b50a1403506eca9dead4f1e8fd3224802fe8 1867 netqmail_1.06-6.2.dsc b7eaa958f99d286a5fc756491b3087129d2d891f 34656 netqmail_1.06-6.2.diff.gz Checksums-Sha256: 86de716050bcc42abfe6a1d241c2776f20b1d92f1e43a609cd0edd919458d645 1867 netqmail_1.06-6.2.dsc 25e0f8ab45a18e5b6c01b56f487405902104ac0064886f586838551e7e48f86a 34656 netqmail_1.06-6.2.diff.gz Files: 05227f81638d5075901698abf568a222 1867 mail extra netqmail_1.06-6.2.dsc a0cae4ae44b43edb709ed2cd3df3ad5a 34656 mail extra netqmail_1.06-6.2.diff.gz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl7GQtxfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EWTEP/2VBsN8rfzJImVBxJXANIqyAhHlp4tPe SgKTOIn5caen1gt51SpG4qYCuDFs967BQagepfVP/J8shwHTRv05SH5XyokFi/HZ EREbhssApf+tlB4Wpnw+/AovOz/Mn6DQIZtj/V8ofIrP7lG6gjXuPiXlFKtoqWIc 14IH4CYzcc6O1cpC3r/I5FlzfP1tyjimM2OfnDYBV57jUR77xctp2j0pYi4xYcPZ UOBbP0k0oemlS11ML4eA/uxQ55/Al+TNVASgNe/bhVX0f54/iUmQ8D+ZlngL29xO qwbJcDe45o25qQpl4SybHrqouseY7nFDUNj2+VgQK3A2lXdHnLirH+lSJTgP7EEV hAaeuBw0IB12t9wIz5BFFahTSILK8151LWA13B7Rik1WlSuB66yPgTymOKmLq5WZ n5fvpbyUuxtXU04t6wmROqkmaPgtCX9P0RoxQdwwzbtM5TydvuhMHpOHHsHnFxgv ck0hDaIf3FpC0pswImSb0pq0G/iDzN0uAzG7gywn8DUgRsK2hUyKCEy0DzobQz5E hhgPQZ0IV8UgaTq7GPxGCy7CXzTjK3G3fPqEOiwLYuJOnk6Lr2s12XJw3DEOXnUq si21AOAKxSGe515zVoxUO2mpt6llh8dLjlf2Ul1gL4ttJV9i/ZeoPUM+l2uCf5nQ zym8iwnTtHD2 =LRm4 -END PGP SIGNATURE End Message ---
Bug#961060: netqmail: diff for NMU version 1.06-6.2
Dear maintainer, I've prepared an NMU for netqmail (versioned as 1.06-6.2). The diff is attached to this message. I did upload without delay as the version are all the same basically in stretch and buster, apart the two fixed bugs in 6.1 which would so help for the stretch and buster update. We plan to release the DSA only in a few days after possibly someone using qmail could verify the correct functioning. Regards, Salvatore diff -u netqmail-1.06/debian/changelog netqmail-1.06/debian/changelog --- netqmail-1.06/debian/changelog +++ netqmail-1.06/debian/changelog @@ -1,3 +1,10 @@ +netqmail (1.06-6.2) unstable; urgency=high + + * Address CVE-2005-1513, CVE-2005-1514, CVE-2005-1515, CVE-2020-3811 and +CVE-2020-3812 (Closes: #961060) + + -- Salvatore Bonaccorso Wed, 20 May 2020 22:23:21 +0200 + netqmail (1.06-6.1) unstable; urgency=medium * Non-maintainer upload. only in patch2: unchanged: --- netqmail-1.06.orig/debian/diff/0004-Remote-Code-Execution-in-qmail.diff +++ netqmail-1.06/debian/diff/0004-Remote-Code-Execution-in-qmail.diff @@ -0,0 +1,515 @@ +From e80dc4ad2b0ee51315e336253606c0effdd0f117 Mon Sep 17 00:00:00 2001 +From: Qualys Security Advisory +Date: Tue, 19 May 2020 10:05:06 -0700 +Subject: [PATCH] Remote Code Execution in qmail (CVE-2005-1513) + +Qualys Security Advisory + +15 years later: Remote Code Execution in qmail (CVE-2005-1513) + + +Contents + + +Summary +Analysis +Exploitation +qmail-verify +- CVE-2020-3811 +- CVE-2020-3812 +Mitigations +Acknowledgments +Patches + + +Summary + + +TLDR: In 2005, three vulnerabilities were discovered in qmail but were +never fixed because they were believed to be unexploitable in a default +installation. We recently re-discovered these vulnerabilities and were +able to exploit one of them remotely in a default installation. + + + +In May 2005, Georgi Guninski published "64 bit qmail fun", three +vulnerabilities in qmail (CVE-2005-1513, CVE-2005-1514, CVE-2005-1515): + +http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html + +Surprisingly, we re-discovered these vulnerabilities during a recent +qmail audit; they have never been fixed because, as stated by qmail's +author Daniel J. Bernstein (in https://cr.yp.to/qmail/guarantee.html): + +"This claim is denied. Nobody gives gigabytes of memory to each +qmail-smtpd process, so there is no problem with qmail's assumption +that allocated array lengths fit comfortably into 32 bits." + +Indeed, the memory consumption of each qmail-smtpd process is severely +limited by default (by qmail-smtpd's startup script); for example, on +Debian 10 (the latest stable release), it is limited to roughly 7MB. + +Unfortunately, we discovered that these vulnerabilities also affect +qmail-local, which is reachable remotely and is not memory-limited by +default (we investigated many qmail packages, and *all* of them limit +qmail-smtpd's memory, but *none* of them limits qmail-local's memory). + +As a proof of concept, we developed a reliable, local and remote exploit +against Debian's qmail package in its default configuration. This proof +of concept requires 4GB of disk space and 8GB of memory, and allows an +attacker to execute arbitrary shell commands as any user, except root +(and a few system users who do not own their home directory). We will +publish our proof-of-concept exploit in the near future. + +About our new discovery, Daniel J. Bernstein issues the following +statement: + +"https://cr.yp.to/qmail/guarantee.html has for many years mentioned +qmail's assumption that allocated array lengths fit comfortably into +32 bits. I run each qmail service under softlimit -m12345678, and I +recommend the same for other installations." + +Finally, we also discovered two minor vulnerabilities in qmail-verify (a +third-party qmail patch that is included in, for example, Debian's qmail +package): CVE-2020-3811 (a mail-address verification bypass), and +CVE-2020-3812 (a local information disclosure). + + +Analysis + + +We decided to exploit Georgi Guninski's vulnerability "1. integer +overflow in stralloc_readyplus" (CVE-2005-1513). There are, in fact, +four potential integer overflows in stralloc_readyplus; three in the +GEN_ALLOC_readyplus() macro (which generates the stralloc_readyplus() +function), at line 21 (n += x->len), line 23 (x->a = base + n + ...), +and line 24 (x->a * sizeof(type)): + + + 17
Bug#953064: odin: diff for NMU version 2.0.4-0.1
Control: tags 953064 + patch Control: tags 953064 + pending Dear maintainer, I've prepared an NMU for odin (versioned as 2.0.4-0.1) and uploaded it to DELAYED/15. Please feel free to tell me if I should cancel it. cu Adrian diff -Nru odin-2.0.3/debian/changelog odin-2.0.4/debian/changelog --- odin-2.0.3/debian/changelog 2019-11-20 08:16:26.0 +0200 +++ odin-2.0.4/debian/changelog 2020-05-20 23:12:09.0 +0300 @@ -1,3 +1,11 @@ +odin (2.0.4-0.1) unstable; urgency=medium + + * Non-maintainer upload. + * New upstream release. +- Fixed the build on i386. (Closes: #953064) + + -- Adrian Bunk Wed, 20 May 2020 23:12:09 +0300 + odin (2.0.3-2) unstable; urgency=medium * Team upload.
Processed: odin: diff for NMU version 2.0.4-0.1
Processing control commands: > tags 953064 + patch Bug #953064 [src:odin] FTBFS on i386 Added tag(s) patch. > tags 953064 + pending Bug #953064 [src:odin] FTBFS on i386 Added tag(s) pending. -- 953064: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953064 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tagging 942988
Processing commands for cont...@bugs.debian.org: > tags 942988 + upstream Bug #942988 [src:displaycal] displaycal: Python2 removal in sid/bullseye Added tag(s) upstream. > thanks Stopping processing here. Please contact me if you need assistance. -- 942988: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942988 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed (with 1 error): forcibly merging 938036 886617
Processing commands for cont...@bugs.debian.org: > forcemerge 938036 886617 Bug #938036 [src:python-pmw] python-pmw: Python2 removal in sid/bullseye Bug #886617 [src:python-pmw] python-pmw: Please package version 2.0.0 and include Python 3 support Severity set to 'serious' from 'wishlist' 937569 was blocked by: 936314 936983 936864 938859 938637 938095 936669 938532 936557 947232 936885 937697 938076 936810 938711 936936 938403 942977 936853 936309 936877 937136 938237 936658 937039 936962 937290 936251 937400 936863 937234 936958 942941 936659 942981 937038 936268 936900 937960 936854 943223 938852 937025 938036 936893 938380 937483 938766 942988 938670 936951 938572 937273 936931 936919 937115 936570 937519 936185 938451 937339 936628 937898 936802 936635 936611 938686 938660 935767 937099 936834 936850 938795 943016 936915 936938 936271 937118 937511 937171 938743 937135 936978 938507 936219 945641 936794 936921 938462 936581 936809 938792 936777 937731 938791 936890 936541 938803 936897 937062 936912 937103 936489 938096 936240 936814 936928 936805 937068 936279 936632 936720 938705 936778 938386 937931 943212 937009 936721 936859 937628 938346 935209 936282 936862 938790 936681 938774 937611 938665 936538 936119 938252 936515 936318 936920 936371 937622 936852 936869 936942 936270 938723 936796 937912 937420 936895 936941 936982 936627 938124 937548 936858 936503 938841 937903 938114 936844 938423 936937 937320 938691 938167 936366 937696 945742 937266 936957 938618 937102 937333 936358 936536 938393 936825 936674 937695 938381 936344 936161 936829 942987 936561 938510 936624 936819 936832 936183 936660 936902 936274 937150 883157 945863 936444 936558 938615 937174 937291 938666 943085 937027 938647 938921 936516 936462 936818 936828 936736 938130 936602 936483 936909 936569 937423 937691 937094 936839 937701 936361 942972 936595 938745 937841 937262 937569 was blocking: 938198 Added blocking bug(s) of 937569: 886617 937695 was blocked by: 938584 938425 945626 936247 938188 936951 937940 937776 936561 938232 936442 938651 938437 938860 937673 937330 937170 945723 938346 936166 938572 938567 938241 937019 938529 936760 936657 937062 936498 937600 937077 936733 937103 938402 937700 936370 938098 937089 936757 936660 936736 943026 936303 912491 937773 945623 938751 937471 937547 943268 943104 945726 937261 938285 937501 938836 936794 937024 937727 938111 938758 938259 945677 939181 938909 937712 937682 936105 943024 936609 937508 938480 947302 937268 937769 937387 936693 938583 936949 936190 936858 938516 936339 937364 936179 936796 937026 938834 937055 945724 938649 938248 945624 936187 938809 938513 936304 936775 938586 943062 937023 936793 936634 938875 938220 938181 936958 945719 937635 939259 936164 939111 937379 936208 936709 938410 938497 945689 937317 937627 943237 937644 937297 936864 937210 883173 936149 936645 942989 936917 938369 937492 943225 938327 938690 938617 936580 936979 938622 937420 936483 938605 936887 938764 936416 937523 936321 937904 936611 938013 942924 937254 937448 936226 945647 936890 936817 945747 937939 939109 945701 936158 943140 938374 938083 938591 936681 938705 938016 938845 938468 938811 943047 938790 936805 943253 936745 938278 938779 942977 938382 937459 938196 942962 938763 937852 937047 943121 943280 936484 938157 936525 937001 938818 938730 936556 937485 936966 943008 938461 938542 938014 938271 938666 937903 936537 938376 937253 938050 937643 945708 936718 936219 936830 937140 936472 936467 936863 936262 937970 937806 938598 936688 936788 936289 936866 938029 937202 937577 937562 937952 936450 943254 938300 937441 937803 937743 938072 937519 936328 943210 937415 93 938766 937237 937899 937256 942926 937432 938084 938373 936340 937870 938663 938160 937225 942955 937048 938711 938486 936981 939483 943041 937393 943173 945732 938554 938890 943007 937135 936845 942971 936538 945715 937639 938223 937169 937844 937665 936591 943195 945707 943032 936790 937020 936717 936468 943100 937092 936779 936196 936687 938510 938745 938864 936787 937334 937174 937059 938645 938922 936881 937578 936335 936312 937944 938068 936690 937408 936945 938416 936911 943298 943176 937291 938781 938483 936605 937182 937396 943231 937238 938887 938226 938611 937231 943182 938289 938866 947027 936918 937176 937336 938618 938328 945692 938450 937770 937946 937394 936888 937571 937606 938340 936663 937085 938061 936630 937447 849087 945648 937843 938224 937703 937100 938556 936730 936818 945748 938525 937032 938484 936271 938467 945720 937333 938472 938863 943112 937670 937007 936988 943048 937041 938830 938718 938219 938688 937943 938502 936531 938262 938277 943135 942978 937462 937229 937728 942959 936343 938660 945678 938757 938002 938130 938370 937895 937507 936933 943286 943144 937419 936550 936894 937267 938736 937388 937541 943213 936751 936118 937740 937800 936514 936857 938056 947296 938794 936285 937532 936188 937585
Processed: libgrpc++1 must be linked with libatomic on armel/mips/mipsel/powerpc
Processing control commands: > affects -1 src:collectd Bug #961193 [libgrpc++1] libgrpc++1 must be linked with libatomic on armel/mips/mipsel/powerpc Added indication that 961193 affects src:collectd -- 961193: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961193 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#961193: libgrpc++1 must be linked with libatomic on armel/mips/mipsel/powerpc
Package: libgrpc++1 Version: 1.26.0-2 Severity: serious Tags: ftbfs patch Control: affects -1 src:collectd https://buildd.debian.org/status/package.php?p=collectd=sid ... libgrpc++ . . . . . . no (libgrpc++ not found) ... configure:20579: checking for grpc++/grpc++.h configure:20579: result: yes configure:20632: arm-linux-gnueabi-g++ -o conftest -g -O2 -std=c++11 -Wdate-time -D_FORTIFY_SOURCE=2 -I/<>/debian/include -UCONFIGFILE -DCONFIGFILE='"/etc/collectd/collectd.conf"' conftest.cpp -lgrpc++ -lgrpc -lgpr >&5 /usr/bin/ld: /usr/lib/gcc/arm-linux-gnueabi/9/../../../arm-linux-gnueabi/libgrpc++.so: undefined reference to `__atomic_fetch_add_8' /usr/bin/ld: /usr/lib/gcc/arm-linux-gnueabi/9/../../../arm-linux-gnueabi/libgrpc++.so: undefined reference to `__atomic_store_8' /usr/bin/ld: /usr/lib/gcc/arm-linux-gnueabi/9/../../../arm-linux-gnueabi/libgrpc++.so: undefined reference to `__atomic_load_8' /usr/bin/ld: /usr/lib/gcc/arm-linux-gnueabi/9/../../../arm-linux-gnueabi/libgrpc.so: undefined reference to `__atomic_exchange_8' collect2: error: ld returned 1 exit status ... Fix/workaround: --- debian/rules.old2020-05-17 12:29:13.960982971 + +++ debian/rules2020-05-17 15:35:05.638139356 + @@ -25,6 +25,10 @@ # package maintainers to append LDFLAGS #export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed +ifneq (,$(filter $(DEB_HOST_ARCH), armel mips mipsel powerpc)) + export DEB_LDFLAGS_MAINT_APPEND = -Wl,--no-as-needed -latomic -Wl,--as-needed +endif + export GEM2DEB_TEST_RUNNER = --check-dependencies export DH_RUBY = --gem-install export DH_RUBY_GEM_INSTALL_WHITELIST_APPEND = platform_check.rb version.rb
Bug#961144: marked as done (ucf breaks bacula autopkgtest: Job for bacula-director.service failed)
Your message dated Thu, 21 May 2020 06:19:14 + with message-id and subject line Bug#961144: fixed in ucf 3.0041 has caused the Debian Bug report #961144, regarding ucf breaks bacula autopkgtest: Job for bacula-director.service failed to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 961144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961144 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ucf, bacula Control: found -1 ucf/3.0039 Control: found -1 bacula/9.6.3-1 Severity: serious Tags: sid bullseye X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: breaks needs-update Dear maintainer(s), With a recent upload of ucf the autopkgtest of bacula fails in testing when that autopkgtest is run with the binary packages of ucf from unstable. It passes when run with only packages from testing. In tabular form: passfail ucffrom testing3.0040 bacula from testing9.6.3-1 all others from testingfrom testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of ucf to testing [1]. Due to the nature of this issue, I filed this bug report against both packages. Can you please investigate the situation and reassign the bug to the right package? More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=ucf https://ci.debian.net/data/autopkgtest/testing/amd64/b/bacula/555/log.gz autopkgtest [10:36:26]: test backup-test-pgsql: [--- + apt-get -y install debconf-utils Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: debconf-utils 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 57.1 kB of archives. After this operation, 108 kB of additional disk space will be used. Get:1 http://deb.debian.org/debian testing/main amd64 debconf-utils all 1.5.74 [57.1 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 57.1 kB in 0s (745 kB/s) Selecting previously unselected package debconf-utils. (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 15551 files and directories currently installed.) Preparing to unpack .../debconf-utils_1.5.74_all.deb ... Unpacking debconf-utils (1.5.74) ... Setting up debconf-utils (1.5.74) ... + awk '$3=="password"{print}' + debconf-set-selections + debconf-get-selections + for pkg in bacula-director-mysql bacula-director-pgsql ++ dpkg-query --showformat '${db:Status-Status}' -W bacula-director-mysql + pkg_status=not-installed + '[' not-installed = installed ']' + for pkg in bacula-director-mysql bacula-director-pgsql ++ dpkg-query --showformat '${db:Status-Status}' -W bacula-director-pgsql + pkg_status=installed + '[' installed = installed ']' + echo 'bacula-director-pgsql bacula-director-pgsql/dbconfig-reinstall boolean true' + debconf-set-selections + DEBIAN_FRONTEND=noninteractive + dpkg-reconfigure bacula-director-pgsql dbconfig-common: writing config to /etc/dbconfig-common/bacula-director-pgsql.conf creating postgres user bacula: already exists. resetting password: success. dbconfig-common: dumping pgsql database bacula to /var/tmp/bacula-director-pgsql.bacula.2020-05-20-10.36.pgsql.e6nhYl. dbconfig-common: dropping old pgsql database bacula. dropping database bacula: success. verifying database bacula was dropped: success. creating database bacula: success. verifying database bacula exists: success. populating database via administrative sql... done. populating database via sql... done. dbconfig-common: flushing administrative password + echo 'start testing ... ' start testing ... + echo 'USER: root' USER: root + DBTYPE=pgsql + echo 'DBTYPE: pgsql' DBTYPE: pgsql + '[' pgsql = pgsql ']' + echo '- installing packages ---' - installing packages